Automatic start-up for SSL-enabled instances of Fedora Directory Server

Fedora Directory Server protects its internal, software-based, cryptographic repository with a PIN (passphrase).

When an instance of a Fedora Directory Server is configured for SSL/TLS support, by default, the start-up script interactively prompts for that PIN in order to unlock the private key. This can be a problem for automated system start-ups.

However, there is a way to configure Fedora Directory Server in such a way that the PIN is stored into a root-only readable configuration file. Thus, during start-up, the directory server instance can retrieve the PIN from that configuration file wihout asking it.

The PIN is stored into a file called:

/opt/fedora-ds/alias/slapd-[instance_name]-pin.txt

and should contain a single line with the following format:

Internal (Software) Token:[pin or passphrase]

For example, if the Fedora Directory Server instance is named "server1" and the PIN or passphrase needed to unlock the SSL/TLS private key is "secret":

# echo "Internal (Software) Token:secret" > 
   /opt/fedora-ds/alias/slapd-server1-pin.txt
Advertisements

5 thoughts on “Automatic start-up for SSL-enabled instances of Fedora Directory Server

  1. There are a few interesting points over time in this posting but I don’t determine if I see every one of them center to heart. There is some validity but I will take hold opinion until I explore it further. Excellent post , thanks and we want far more! Included with FeedBurner at the same time

  2. Ok so I’m about 45 pounds over weight (in my opinion) so I started this diet, and so far it’s going pretty well. Kinda slow, but whatever. Anyway I need some advice on the whole exercise thing. I do sit-ups, push-ups, jump rope, and some other core strengthening exercises . I’m kinda worried about doing all core exercises tho. I afraid that building all of that muscle under my belly fat will make me look really gross and bulky.. Any Ideas?? Advice??

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s