[SAC] [OSGeo] #2295: Replace ldaps STAR cert with letsencrypt or single cert
OSGeo
trac_osgeo at osgeo.org
Sun Apr 28 11:01:20 PDT 2019
#2295: Replace ldaps STAR cert with letsencrypt or single cert
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: new
Priority: blocker | Milestone: Sysadmin Contract 2019-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Comment (by robe):
okay on old-adhoc (and I'm guessing I got to fix all the servers even the
new ones I created (as this was in my setup template).
I had to do a similar change in /etc/nslcd.conf
as it hadth ssl.com star certbundle instead of the shipped cert file
{{{
#tls_cacertfile /etc/ssl/certs/STAR_osgeo_org.ca-bundle
tls_cacertfile /etc/ssl/certs/ca-certificates.crt
}}}
Changing the file is not sufficient. The services need to be restarted -
though I ended just rebooting the container, so have to outline which
services need restarting.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2295#comment:5>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
More information about the Sac
mailing list