[Fedora-directory-users] RedHat 4/Fedora-DS - SSL Cert DB not readable?
Richard Megginson
rmeggins at redhat.com
Tue Oct 2 23:04:33 UTC 2007
Travis wrote:
> I agree with Graham's original idea - its almost as if the server is not
> looking in the proper location for the database. Does anyone know where
> this is set?
>
It looks for /opt/fedora-ds/alias/slapd-instancename-cert8.db - also
grep -i nscert /opt/fedora-ds/slapd-instancename/config/dse.ldif
> Thanks,
>
> Travis
>
> On Tue, 2007-10-02 at 18:25 -0400, Travis wrote:
>
>> Hi,
>>
>> No, as noted it is a completely new install, and I've already ddouble
>> checked permissions.
>>
>> Regardless - I've also tried chowning the entire tree to ldap (yes, this
>> is the user privs are being dropped to), as well as setting a+rw on the
>> entire /opt/fedora-ds tree.
>>
>> Thanks,
>>
>> Travis
>>
>>
>> On Tue, 2007-10-02 at 17:30 -0400, Rob Crittenden wrote:
>>
>>> Travis wrote:
>>>
>>>> Hi,
>>>>
>>>> We're preparing to upgrade from the initial DS release to 1.0.4-1 on our
>>>> RHEL4 servers. In testing, we've hit a brick wall while trying to set
>>>> up SSL. We can install the server just fine, but when clicking on
>>>> "Manage Certificates" in the console we get the following:
>>>>
>>>> could not open file slapd-$hostname-cert8.db
>>>>
>>>> We get the same type of error when trying to manage the admin server
>>>> certs.
>>>>
>>>> This is a completely fresh install, and we've double checked file
>>>> ownership, so permissions are not an issue. After working on this for a
>>>> while, I tried installing the FC6 rpm on my FC6 desktop with the same
>>>> settings and JVM, which worked just fine...so its something specific
>>>> about the RHEL4 version or its dependencies.
>>>>
>>>> I found one other post about this kind of issue (From Nov 2006 by Graham
>>>> Leggett), but I never saw a solution. I have even tried initializing
>>>> the DBs by hand with certutil, but this does not appear to make a
>>>> difference.
>>>>
>>>> Any advice?
>>>>
>>>>
>>> Permissions perhaps?
>>>
>>> rob
>>>
>>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>>
>> !DSPAM:10001,4702c57f55891133320659!
>>
>>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20071002/06c3ec5b/attachment.bin>
More information about the Fedora-directory-users
mailing list