Thomas Cameron wrote:
> Howdy -
> Posting this to the list just because Google searches didn't tell me.
> Very possible I was asking the wrong question, but here's what I was
> searching for.
> How do you disable SSL at startup for Fedora Directory Server (389)?
> In /etc/dirsrv/slapd-[hostname]/dse.ldif, change the line:
> nsslapd-security: on
> to:
> nsslapd-security: off
> Back story:  I was messing about with SSL certificates and I did
> something wrong.  Not sure what yet, but since my cert was borked,
> after I installed it, 389 wouldn't start.  Since the LDAP server
> wouldn't start, the admin server wouldn't allow me to log in.  I was
> kind of screwed.
> Once I set the LDAP server to start without SSL, I was able to log in
> and now I can (hopefully) figure out what I did wrong with the
> certificate.
> The error I was getting was:
> /var/log/dirsrv/slapd-e510/errors:[24/Apr/2010:18:12:30 -0500] - SSL
> alert: CERT_VerifyCertificateNow: verify certificate failed for cert
> e510 server-cert of family cn=RSA,cn=encryption,cn=config (Netscape
> Portable Runtime error -8179 - Peer's Certificate issuer is not
> recognized.)
How did you generate the server cert 'e510 server-cert' ?  Did you 
import the CA cert of the CA that issued this cert?
> --
> 389 users mailing list

389 users mailing list

Reply via email to