How to update the sample TLS certificate from openldap-servers rpm
Issue
- How to update the sample TLS certificate from openldap-servers rpm
- When openldap-servers is installed, a sample TLS certificate is made using generate-server-cert.sh script. The certificate validity is one year.
# rpm -q openldap-servers --scripts | grep -B1 generate-server-cert.sh
# generate sample TLS certificate for server (will not replace)
/usr/libexec/openldap/generate-server-cert.sh -o &>/dev/null || :
# certutil -L -d /etc/openldap/certs
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
OpenLDAP Server CTu,u,u
# certutil -L -d /etc/openldap/certs -n "OpenLDAP Server" | grep -A2 Validity:
Validity:
Not Before: Wed Oct 20 01:35:31 2021
Not After : Mon Oct 20 01:35:31 2022
Environment
- Red Hat Enterprise Linux 7
- openldap-servers
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.