[Fedora-directory-users] Setting a self ssl certificate
Steven Jones
Steven.Jones at vuw.ac.nz
Thu Sep 13 21:56:13 UTC 2007
Errors while following,
http://directory.fedoraproject.org/wiki/Howto:SSL
# ../shared/bin/certutil -S -n "CA certificate" -s \
> "cn=CAcert" -x -t "CT,," -m 1000 -v 120 -d . -z noise.txt -f \
> pwdfile.txt
Generating key. This may take a few moments...
certutil-bin: could not obtain certificate from file: DER-encoded
message contained extra unused data.
Does this mean anything?
Followed by this error,
[root at vuwunicvfdsm001 alias]# ../shared/bin/certutil -S -n "Server-Cert"
-s\
> "cn=vuw.ac.nz" -c "CA certificate" -t "u,u,u" -m 1001 -v \
> 120 -d . -z noise.txt -f pwdfile.txt
Generating key. This may take a few moments...
certutil-bin: could not find certificate named "CA certificate":
security library: bad database.
certutil-bin: unable to create cert (security library: bad database.)
[root at vuwunicvfdsm001 alias]#
Does this mean anything?
The contents of alias/ are,
[root at vuwunicvfdsm001 alias]# ls -l
total 608
-rw------- 1 nobody nobody 65536 Sep 14 09:27
admin-serv-vuwunicvfdsm001-cert8.db
-rw------- 1 nobody nobody 16384 Sep 14 09:27
admin-serv-vuwunicvfdsm001-key3.db
-rw------- 1 root root 65536 Sep 14 09:46 cert8.db
-rw------- 1 root root 16384 Sep 14 09:46 key3.db
-rwxr-xr-x 1 nobody nobody 239744 Nov 8 2006 libnssckbi.so
-rw-r--r-- 1 nobody nobody 62 Sep 14 09:44 noise.txt
-rw------- 1 nobody nobody 65536 Sep 13 15:43
orig-slapd-vuwunicvfdsm001-cert8.db
-rw------- 1 nobody nobody 16384 Sep 13 15:43
orig-slapd-vuwunicvfdsm001-key3.db
-rw-r--r-- 1 nobody nobody 9 Sep 13 15:43 pwdfile.txt
-rw------- 1 nobody nobody 16384 Sep 13 15:33 secmod.db
-rw------- 1 nobody nobody 65536 Sep 13 15:33
slapd-vuwunicvfdsm001-cert8.db
-rw------- 1 nobody nobody 16384 Sep 14 09:29
slapd-vuwunicvfdsm001-key3.db
-rw-r----- 1 nobody nobody 416 Sep 14 09:27 tempcert
-rw-r----- 1 nobody nobody 345 Sep 14 09:27 tempcertreq
It is possible that since I generated some keys earlier there is some
"residue" that needs removing?
Secmod.db?
Tempcert?
Tempcertreq?
Regards
Steven
More information about the Fedora-directory-users
mailing list