Renew SSL Certs ?

We are running directory 5.2 on Solaris 9. Certs in our Production LDAP servers are about to expire in a month. Before installing the new certs should I need to follow any precautionery steps? Haven't seen documentation at Sun site on certs renewal.

I'm thinking on removing the old one and install the new certs and restart the directory server? Or is there is there a different sequence ? Please help?

Thanks,

Sunil.

[445 byte] By [sunilunnikrishnan] at [2007-11-26 11:01:08]

«« No LOM device found
»» Set domainname manually

# 1

With one Solaris 9+iplanet 5.1, we had certificate already expired, and server restarted. Didn't start -> could not disable the certificate. We had to tweak servers time to renew it..

But, we just removed the old certificate, and added new. Restarted it, all ok.

But what we had, was that new certificate was signed with new CA, so we had to add

that CA to every client (Solaris clients, webct..) Not very easy, plus solaris clients seem to use the old (cached?) cert7.db until that particular process (smbd,imapd..) is restarted.

eviladmin at 2007-7-7 3:14:51 >

top of Java-index,Web & Directory Servers,Directory Servers...

# 2

Thanks for the reply. So I think its fair enough to remove the old one and install the new cert and restart the server.Luckily in our case CA certs are valid for a long time and I will not have cert db issue with LDAP clients.Thanks,Sunil.

sunilunnikrishnan at 2007-7-7 3:14:51 >

Web & Directory Servers

Directory Servers

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

Renew SSL Certs ?

Web & Directory Servers New Topic

Web & Directory Servers Hot Topic

Web & Directory Servers

All Classified