#47390 General.CACertificate inf directive does not work.
Closed: wontfix None Opened 10 years ago by jvukotic.

The ticket apply to setup-ds-admin.pl script for 389 Directory Server version 1.2.11.15.
When included in inf file that is supplied as a -f argument of setup-ds-admin.pl script, neither the CA certificate gets imported in admin server's cert8.db, nor adm.conf is modified with the supplied ldaps url, also listed in the submitted inf file as a General.ConfigDirectoryLdapURL argument value.


Replying to [ticket:47390 jvukotic]:

The ticket apply to setup-ds-admin.pl script for 389 Directory Server version 1.2.11.15.
When included in inf file that is supplied as a -f argument of setup-ds-admin.pl script, neither the CA certificate gets imported in admin server's cert8.db, nor adm.conf is modified with the supplied ldaps url, also listed in the submitted inf file as a General.ConfigDirectoryLdapURL argument value.

Can you tell me if these are the right steps to reproduce the problem?
1) setup a brand new 389 instance - set it up to use SSL - export the CA cert to a file
2) setup another brand new 389 instance - configure it to use the first instance as the ConfigDS

Replying to [comment:3 rmeggins]:

Replying to [ticket:47390 jvukotic]:

The ticket apply to setup-ds-admin.pl script for 389 Directory Server version 1.2.11.15.
When included in inf file that is supplied as a -f argument of setup-ds-admin.pl script, neither the CA certificate gets imported in admin server's cert8.db, nor adm.conf is modified with the supplied ldaps url, also listed in the submitted inf file as a General.ConfigDirectoryLdapURL argument value.

Can you tell me if these are the right steps to reproduce the problem?
1) setup a brand new 389 instance - set it up to use SSL - export the CA cert to a file
2) setup another brand new 389 instance - configure it to use the first instance as the ConfigDS

Still waiting for a reply - please respond.

Steps:
1) Setup 389-ds-base 1.3.1 and 389-admin (latest) - set up for SSL - use ldaps as the config ds url
2) Install 389-ds-base 1.2.11 and 389-admin (latest) - run setup-ds-admin.pl on a different host to install a new admin server and ds instance, using ldaps as the config ds url and a ca cert file

  • ca cert is installed correctly in admin server cert8.db
  • ca cert is not installed in directory server cert8.db - this is by design, not a bug

Metadata Update from @rmeggins:
- Issue set to the milestone: 389-admin,console 1.1.36

7 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/727

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Invalid)

3 years ago

Login to comment on this ticket.

Metadata