[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

RE: [Fedora-directory-users] Re: SubjectAltName how does it work?

From: "Alex" <magobin gmail com>
To: "'General discussion list for the Fedora Directory server project.'" <fedora-directory-users redhat com>
Subject: RE: [Fedora-directory-users] Re: SubjectAltName how does it work?
Date: Mon, 10 Apr 2006 19:07:10 +0200

  
> On server2 - did you change Alt-Cert to Server-Cert in the 
> cert database, or did you change the attribute 
> nsSSLPersonalitySSL in entry cn=RSA,cn=encryption,cn=config 
> to be Alt-Cert instead of Server-Cert?


I did exactly that I wrote..so, after maked a certificates, I exported db on
server2 and in console I enabled encryption ssl using....on the first
server(nodo1) nodo1.domain.example.com and on second server(nodo2) Alt-Cert

> > ./mmr.pl --host1 nodo1.domain.example.com 
> <http://nodo1.domain.example.com> --host2 
> > nodo2.domain.example.com <http://nodo2.domain.example.com> 
> --host1_id 1 --host2_id 2 --bindpw secret
> > --repmanpw secret --create --with-ssl

Trying to run replacing nodo1.domain.example.com with
http://nodo1.domain.example.com and nodo2.domain.example.com with
http://nodo2.domain.example.com the script says:

Died at ./mmr.pl line 418, <DATA> line 339


Today I remade certificate and I used Alt-Cert nick for server1 and nodo2
for server2...now running script it says:

[10/Apr/2006:12:24:11 +0000] NSMMReplicationPlugin - agmt="cn="Replication
to nodo2.domain.example.com"" (nodo2:636): Simple bind failed, LDAP sdk
error 81 (Can't contact LDAP server), Netscape Portable Runtime error -12276
(Unable to communicate securely with peer: requested domain name does not
match the server's certificate.)

Thanks
Alex

References:
- Re: [Fedora-directory-users] Re: SubjectAltName how does it work?
  - From: Richard Megginson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]