Good Morning,
In setting up my 389-ds instance for SSL, the dirsrv instance doesn’t appear to recognize cert9.db or key4.db, the SQLite NSS database formats. Did I miss a setting? Is 389-ds restricted to cert8.db/key3.db? A quick search of the 389-ds wiki didn’t help; Google returns a lot of noise and not much signal.
# service dirsrv start Starting dirsrv: ds01...[27/Jan/2014:21:28:12 -0800] SSL Initialization - Warning: certificate DB file cert8.db nor cert7.db exists in [/etc/dirsrv/slapd-ds01] - SSL initialization will likely fail [27/Jan/2014:21:28:12 -0800] SSL Initialization - Warning: key DB file /etc/dirsrv/slapd-ds01/key3.db does not exist - SSL initialization will likely fail [27/Jan/2014:21:28:12 -0800] - SSL alert: Security Initialization: Unable to authenticate (Netscape Portable Runtime error -8192 - An I/O error occurred during security authorization.) [27/Jan/2014:21:28:12 -0800] - ERROR: SSL Initialization Failed.
Thanks! David
--
David - Offbeat http://dafydd.livejournal.com dafydd - Online http://pgp.mit.edu/ Battalion 4 - Black Rock City Emergency Services Department Integrity*Commitment*Communication*Support
----5----1----5----2----5----3----5----4----5----5----5----6----5----7--
Rene Descartes walks into his neighborhood watering hole. The publican sees him and asks, "Will you have your usual, sir?"
Descartes ponders a moment and replies, "I think not."
And promptly disappears...
----- Original Message -----
Good Morning,
In setting up my 389-ds instance for SSL, the dirsrv instance doesn’t appear to recognize cert9.db or key4.db, the SQLite NSS database formats. Did I miss a setting? Is 389-ds restricted to cert8.db/key3.db? A quick search of the 389-ds wiki didn’t help; Google returns a lot of noise and not much signal.
See https://fedorahosted.org/389/ticket/47681
# service dirsrv start Starting dirsrv: ds01...[27/Jan/2014:21:28:12 -0800] SSL Initialization - Warning: certificate DB file cert8.db nor cert7.db exists in [/etc/dirsrv/slapd-ds01] - SSL initialization will likely fail [27/Jan/2014:21:28:12 -0800] SSL Initialization - Warning: key DB file /etc/dirsrv/slapd-ds01/key3.db does not exist - SSL initialization will likely fail [27/Jan/2014:21:28:12 -0800] - SSL alert: Security Initialization: Unable to authenticate (Netscape Portable Runtime error -8192 - An I/O error occurred during security authorization.) [27/Jan/2014:21:28:12 -0800] - ERROR: SSL Initialization Failed.
Thanks! David
--
David - Offbeat http://dafydd.livejournal.com dafydd - Online http://pgp.mit.edu/ Battalion 4 - Black Rock City Emergency Services Department Integrity*Commitment*Communication*Support
----5----1----5----2----5----3----5----4----5----5----5----6----5----7--
Rene Descartes walks into his neighborhood watering hole. The publican sees him and asks, "Will you have your usual, sir?"
Descartes ponders a moment and replies, "I think not."
And promptly disappears...
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Thank you!
db
On Jan 28, 2014, at 12:02, Richard Megginson rmeggins@redhat.com wrote:
----- Original Message -----
Good Morning,
In setting up my 389-ds instance for SSL, the dirsrv instance doesn’t appear to recognize cert9.db or key4.db, the SQLite NSS database formats. Did I miss a setting? Is 389-ds restricted to cert8.db/key3.db? A quick search of the 389-ds wiki didn’t help; Google returns a lot of noise and not much signal.
See https://fedorahosted.org/389/ticket/47681
# service dirsrv start Starting dirsrv: ds01...[27/Jan/2014:21:28:12 -0800] SSL Initialization - Warning: certificate DB file cert8.db nor cert7.db exists in [/etc/dirsrv/slapd-ds01] - SSL initialization will likely fail [27/Jan/2014:21:28:12 -0800] SSL Initialization - Warning: key DB file /etc/dirsrv/slapd-ds01/key3.db does not exist - SSL initialization will likely fail [27/Jan/2014:21:28:12 -0800] - SSL alert: Security Initialization: Unable to authenticate (Netscape Portable Runtime error -8192 - An I/O error occurred during security authorization.) [27/Jan/2014:21:28:12 -0800] - ERROR: SSL Initialization Failed.
Thanks! David
--
David - Offbeat http://dafydd.livejournal.com dafydd - Online http://pgp.mit.edu/ Battalion 4 - Black Rock City Emergency Services Department Integrity*Commitment*Communication*Support
----5----1----5----2----5----3----5----4----5----5----5----6----5----7--
Rene Descartes walks into his neighborhood watering hole. The publican sees him and asks, "Will you have your usual, sir?"
Descartes ponders a moment and replies, "I think not."
And promptly disappears...
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
--
David - Offbeat http://dafydd.livejournal.com dafydd - Online http://pgp.mit.edu/ Battalion 4 - Black Rock City Emergency Services Department Integrity*Commitment*Communication*Support
----5----1----5----2----5----3----5----4----5----5----5----6----5----7--
Werner Heisenberg is driving down the autobahn. A police officer pulls him over. The officer says, "Excuse me, sir, do you know how fast you were going?" "No," replies Dr. Heisenberg, "but I know where I am."
389-users@lists.fedoraproject.org