If you've used Sun Directory Server you probably met the problem of self-signed certificates,
solution below will help you to resolve it in the fastest way.
# pick a new password or you can't run certutil later
$ dsadm set-flags /path/ds1 cert-pwd-prompt=on
# create a self sign cert valid for 24 months
$ serverroot/dsee6/bin/certutil -d /path/ds1/alias -P slapd- -x -S -n longlife -s cn=ldap.example.com:389,st=TX,C=US,L=Crawford -t CTu,u,u -v 24
$ serverroot/dsee6/bin/certutil -d /path/ds1/alias -P slapd- -L -n longlife | head -15
# turn off the password or you'll be prompted everytime the instance starts
$ dsadm set-flags /path/ds1 cert-pwd-prompt=off
solution below will help you to resolve it in the fastest way.
# pick a new password or you can't run certutil later
$ dsadm set-flags /path/ds1 cert-pwd-prompt=on
# create a self sign cert valid for 24 months
$ serverroot/dsee6/bin/certutil -d /path/ds1/alias -P slapd- -x -S -n longlife -s cn=ldap.example.com:389,st=TX,C=US,L=Crawford -t CTu,u,u -v 24
$ serverroot/dsee6/bin/certutil -d /path/ds1/alias -P slapd- -L -n longlife | head -15
# turn off the password or you'll be prompted everytime the instance starts
$ dsadm set-flags /path/ds1 cert-pwd-prompt=off
Comments