Am 21.09.23 um 19:13 schrieb Stefan Kania:
Thank you, now it's working. Would be nice if it documented somewhere, maybe the manpage :-)
^.^ found it in the Manpage, it's late :-)
Am 21.09.23 um 18:08 schrieb Howard Chu:Stefan Kania wrote:Hi all,I like to change the certificate and the key for autoca, but I can't find any description how to do it. I tried the following LDIF:The LDAP PKI schema uses DER values, not PEM.--------------- dn: dc=example,dc=net changetype: modify replace: cACertificate;binary cACertificate;binary:< file:///root/mycert/cacert.pem - replace: cAPrivateKey;binary cAPrivateKey;binary:< file:///root/mycert/cakey.pem --------------- I got: --------------- root@ldap-r01:~# ldapmodify -Y external -H ldapi:/// -f change-cert.ldif SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 modifying entry "dc=example,dc=net" ldap_modify: Invalid syntax (21)additional info: cACertificate;binary: value #0 invalid per syntax---------------- So what is the right way to change the certificate and the key? Thank's Stefan
-- Stefan Kania Landweg 13 25693 St. MichaelisdonnSignieren jeder E-Mail hilft Spam zu reduzieren und schützt Ihre Privatsphäre. Ein kostenfreies Zertifikat erhalten Sie unter https://www.dgn.de/dgncert/index.html
smime.p7s
Description: S/MIME Cryptographic Signature