On 24 Dec 2012, at 09:18, Vlad <vovan(a)vovan.nl> wrote:
Obviously the setup-ds.pl script can be modified to import
certificate, but I'd prefer installing server without SSL firstly and then use
additional script to install certificate(s) and enable SSL for server/admin unattended.
Let me know if you need any examples.
This is a real pity.
The ConfigFile option is a clean and simple way to load ldif without messing about with
trying to script an ldapmodify, which in turn means trying to script a secure way to pass
It didn't make any sense that you could preconfigure the directory but not
preconfigure the certs, which has to be done before you can preconfigure the ssl directory
config. The error you get when trying to add the cn=RSA,cn=encryption,cn=config object
when the corresponding cert doesn't exist is "No such object", which implies
that cn=encryption,cn=config does not exist, which obviously it does.