How to update the sample TLS certificate from openldap-servers rpm

Solution Unverified - Updated -

Issue

  • How to update the sample TLS certificate from openldap-servers rpm
  • When openldap-servers is installed, a sample TLS certificate is made using generate-server-cert.sh script. The certificate validity is one year.
# rpm -q openldap-servers --scripts | grep -B1 generate-server-cert.sh
# generate sample TLS certificate for server (will not replace)
/usr/libexec/openldap/generate-server-cert.sh -o &>/dev/null || :
# certutil -L -d /etc/openldap/certs

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

OpenLDAP Server                                              CTu,u,u
# certutil -L -d /etc/openldap/certs -n "OpenLDAP Server" | grep -A2 Validity:
        Validity:
            Not Before: Wed Oct 20 01:35:31 2021
            Not After : Mon Oct 20 01:35:31 2022

Environment

  • Red Hat Enterprise Linux 7
  • openldap-servers

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content