Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1276237

Summary: documentation missing to set windows console in ssl mode.
Product: Red Hat Directory Server Reporter: German Parente <gparente>
Component: Doc-administration-guideAssignee: Marc Muehlfeld <mmuehlfe>
Status: CLOSED CURRENTRELEASE QA Contact: Viktor Ashirov <vashirov>
Severity: low Docs Contact:
Priority: high    
Version: 9.1CC: tcapek
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-14 13:27:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description German Parente 2015-10-29 08:14:48 UTC 
Description of problem:

We see this in upstream documentation:

http://www.port389.org/docs/389ds/howto/howto-windowsconsole.html

===========================================================
TLS/SSL

By default, the console expects your key and cert database files in $HOME/.389-console. On Windows, this is usually something like C:\Documents and Settings\\.389-console. So when you use the NSS command line utilities like certutil and pk12util, use the -d argument like this:

certutil -A -d "C:\Documents and Settings\<username>\.389-console" -n "CA Certificate" -t CT,, -i cacert.asc -a    

for example, to add the CA cert from the file cacert.asc encoded in ASCII (PEM) format. Now your Console running on Windows should be able to use https and ldaps.
===========================================================

It could be nice to have this in RHEL documentation, administration guide. We have it for RHEL console but not for Windows in: 



We have this in

7.3.7. Managing Certificates Used by the Directory Server Console

https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/managing-certs.html

but it oculd be nice if we could mention just where to install console certs on windows.









 If it is there, I am sorry
Comment 2 Marc Muehlfeld 2016-11-14 13:27:25 UTC 
The update for Directory Server 10.1 is now available on the Customer Portal.