Description of problem:

We see this in upstream documentation:

http://www.port389.org/docs/389ds/howto/howto-windowsconsole.html

===========================================================
TLS/SSL

By default, the console expects your key and cert database files in $HOME/.389-console. On Windows, this is usually something like C:\Documents and Settings\\.389-console. So when you use the NSS command line utilities like certutil and pk12util, use the -d argument like this:

certutil -A -d "C:\Documents and Settings\<username>\.389-console" -n "CA Certificate" -t CT,, -i cacert.asc -a    

for example, to add the CA cert from the file cacert.asc encoded in ASCII (PEM) format. Now your Console running on Windows should be able to use https and ldaps.
===========================================================

It could be nice to have this in RHEL documentation, administration guide. We have it for RHEL console but not for Windows in: 



We have this in

7.3.7. Managing Certificates Used by the Directory Server Console

https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/managing-certs.html

but it oculd be nice if we could mention just where to install console certs on windows.









 If it is there, I am sorry