Description of problem: We see this in upstream documentation: http://www.port389.org/docs/389ds/howto/howto-windowsconsole.html =========================================================== TLS/SSL By default, the console expects your key and cert database files in $HOME/.389-console. On Windows, this is usually something like C:\Documents and Settings\\.389-console. So when you use the NSS command line utilities like certutil and pk12util, use the -d argument like this: certutil -A -d "C:\Documents and Settings\<username>\.389-console" -n "CA Certificate" -t CT,, -i cacert.asc -a for example, to add the CA cert from the file cacert.asc encoded in ASCII (PEM) format. Now your Console running on Windows should be able to use https and ldaps. =========================================================== It could be nice to have this in RHEL documentation, administration guide. We have it for RHEL console but not for Windows in: We have this in 7.3.7. Managing Certificates Used by the Directory Server Console https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/managing-certs.html but it oculd be nice if we could mention just where to install console certs on windows. If it is there, I am sorry
The update for Directory Server 10.1 is now available on the Customer Portal.