I have done that too.
Download setupssl2.sh from
http://github.com/richm/scripts/blob...l2.sh?raw=true and make the modification:
Just enter the correct filename /etc/dirsrv/slapd-389-ds
[code]
[root@389-ds dirsrv]# vi /opt/setupssl2.sh
[root@389-ds dirsrv]# chmod +x /opt/setupssl2.sh
[root@389-ds dirsrv]# cd /opt/
[root@389-ds opt]# ./setupssl2.sh
No CA certificate found - will create new one
No Server Cert found - will create new one
No Admin Server Cert found - will create new one
Creating password file for security token
Creating noise file
Creating new key and cert db
Creating encryption key for CA
Generating key. This may take a few moments...
Creating self-signed CA certificate
Generating key. This may take a few moments...
Is this a CA certificate [y/N]?
Enter the path length constraint, enter to skip [<0 for unlimited path]: > Is this a critical extension [y/N]?
Exporting the CA certificate to cacert.asc
Generating server certificate for Fedora Directory Server on host 389-ds.sap.com
Using fully qualified hostname 389-ds.sapient.com for the server name in the server cert subject DN
Note: If you do not want to use this hostname, edit this script to change myhost to the
real hostname you want to use
Generating key. This may take a few moments...
Creating the admin server certificate
Generating key. This may take a few moments...
Exporting the admin server certificate pk12 file
pk12util: PKCS12 EXPORT SUCCESSFUL
Creating pin file for directory server
Importing the admin server key and cert (created above)
pk12util: PKCS12 IMPORT SUCCESSFUL
Importing the CA certificate from cacert.asc
Creating the admin server password file
Enabling the use of a password file in admin server
Enabling SSL in the directory server - when prompted, provide the directory manager password
Enter LDAP Password:
modifying entry "cn=encryption,cn=config"
modifying entry "cn=config"
adding new entry "cn=RSA,cn=encryption,cn=config"
Done. You must restart the directory server and the admin server for the changes to take effect.
[root@389-ds opt]# service dirsrv restart
Shutting down dirsrv:
389-ds... [ OK ]
Starting dirsrv:
389-ds... [ OK ]
[root@389-ds opt]# service dirsrv-admin restart
Shutting down dirsrv-admin:
[ OK ]
Starting dirsrv-admin:
[ OK ]
[root@389-ds opt]#
[/code]
Finally Done.
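Added example, not part of the original post or of setupssl2.sh: the output above shows the script writing a token password file, a pin file and a key/cert database into the instance directory, so a useful check after the run is that none of these is accessible to group or others. The function name and the file names it matches (pin.txt, pwdfile.txt, noise.txt, *.db, *.p12) are assumptions; adjust them to what your run actually created.

```bash
#!/bin/sh
# Added example: audit the directory that the SSL setup script populated.
# ASSUMPTION: the file names matched below are typical for an NSS security
# directory; they are not taken from the post.

# Print every secret-bearing file under DIR whose mode grants any access
# to group or others. Returns 0 if none, 1 if any are exposed, 2 on bad input.
audit_secdir() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }

    # First group: which files hold key material or the token password.
    # Second group: any group/other permission bit set (octal masks).
    exposed=$(find "$dir" -type f \
        \( -name 'pin.txt' -o -name 'pwdfile.txt' -o -name 'noise.txt' \
           -o -name '*.db' -o -name '*.p12' \) \
        \( -perm -040 -o -perm -020 -o -perm -010 \
           -o -perm -004 -o -perm -002 -o -perm -001 \) | sort)

    if [ -n "$exposed" ]; then
        printf '%s\n' "$exposed"
        return 1
    fi
    return 0
}

# When run as a script, audit the directory given as the first argument,
# i.e. the instance directory that was edited into the setup script.
if [ "$#" -gt 0 ]; then
    audit_secdir "$1"
fi
```

Any path it prints should be tightened with chmod to owner-only access and owned by the account the directory server runs as.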