
Install 389ds

# Install the 389 Directory Server packages.
apt install 389-ds 389-ds-base
# Put ds_instance.inf into /root
# NOTE(review): a dscreate .inf file normally carries the Directory Manager
# password (root_password) in clear text -- confirm for this file. If so, keep
# it readable by root only (chmod 600) and remove it once the instance exists.
cd /root 
# Create the instance described by the .inf file.
dscreate from-file ds_instance.inf
# Start the directory server now and at every boot.
systemctl start dirsrv.target
systemctl enable dirsrv.target
# Place ldap.conf into /etc/ldap

# Reachability check: anonymous simple bind (-x) that reads only the root DSE
# (-s base -b ""). No credentials are sent, so plain ldap:// is acceptable for
# this one query; anything that binds with a password should use TLS.
ldapsearch -x -H ldap://smime.neuro.uni-bremen.de -s base -b "" "objectclass=*"

389ds: Add SSL certificates

# Find the PIN in pin.txt
# NOTE(review): presumably this is the password of the instance's NSS database,
# which pk12util asks for below -- confirm. cat prints it to the terminal, so
# avoid running this in a shared or recorded session.
cat /etc/dirsrv/slapd-smime/pin.txt

cd /certs
# Bundle the server key and certificate into a PKCS#12 file with the friendly
# name "Server-Cert". openssl prompts for an export password; set a non-empty
# one, because crt.p12 contains a copy of the private key.
openssl pkcs12 -export -inkey key.pem -in crt.pem -out crt.p12 -name Server-Cert
cd /etc/dirsrv/slapd-smime/
# Import the bundle into the NSS database in the current directory (-d .).
# pk12util asks for the database password and for the PKCS#12 export password.
# Once the import has succeeded, delete /certs/crt.p12 and check that key.pem
# is readable by root only.
pk12util -i /certs/crt.p12 -d . 

# Add the three certificates of the CA chain to the instance's NSS database.
# Trust string "CT,,": in the first (SSL) field, C marks the certificate as a
# trusted CA for issuing server certificates and T as a trusted CA for issuing
# client certificates; the e-mail and object-signing fields are left empty.
# Every certificate added this way becomes a trust anchor, so compare each
# file's fingerprint with the value published by the CA before importing, e.g.
#   openssl x509 -noout -fingerprint -sha256 -in /certs/cari_1.pem
# NOTE(review): T is only relevant for client-certificate authentication;
# confirm whether it is needed on this server.
certutil -A -d /etc/dirsrv/slapd-smime/ -n "Uni Chain 1" -t "CT,," -i /certs/cari_1.pem
certutil -A -d /etc/dirsrv/slapd-smime/ -n "Uni Chain 2" -t "CT,," -i /certs/cari_2.pem
certutil -A -d /etc/dirsrv/slapd-smime/ -n "Uni Chain 3" -t "CT,," -i /certs/cari_3.pem

# Show certs (nicknames and trust flags) in the instance's NSS database
certutil -L -d /etc/dirsrv/slapd-smime/
# Show keys (lists the private keys; asks for the NSS database password)
certutil -K -d /etc/dirsrv/slapd-smime/
# Show Server Settings: simple bind (-x) as cn=admin with a password prompt
# (-W), reading cn=encryption,cn=config.
# NOTE(review): a single -Z only *attempts* StartTLS and carries on with the
# bind if the negotiation fails, so the admin password can travel unencrypted.
# -ZZ makes StartTLS mandatory and also proves that the new certificate works;
# the name in -H then has to match the certificate unless ldap.conf relaxes
# TLS_REQCERT.
ldapsearch -H ldap://localhost:389 -D 'cn=admin' -W -Z -b 'cn=encryption,cn=config' -x

# 389ds cockpit fix (Ubuntu package is broken)
# NOTE(review): the tarball is downloaded, built and installed as root without
# an integrity check. Compare its hash with a value obtained from a trusted
# source before unpacking:
#   sha256sum 389-ds-base-2.0.15.tar.gz   # expected: <SHA256_FROM_TRUSTED_SOURCE>
# Also confirm that 2.0.15 matches the installed 389-ds-base package version.
wget https://github.com/389ds/389-ds-base/archive/389-ds-base-2.0.15.tar.gz
tar xzf 389-ds-base-2.0.15.tar.gz
# The absolute path below assumes the tarball was unpacked in /root.
cd /root/389-ds-base-389-ds-base-2.0.15/src/cockpit/389-console
# Wait until "webpack compiled successfully"
# NOTE(review): presumably the build script downloads JavaScript dependencies
# and runs them -- verify. If so, build as an unprivileged user (ideally on a
# separate machine) and copy only the resulting dist/ files to the server.
sh buildAndRun.sh
# Install the freshly built console files over the packaged ones.
cp dist/* /usr/share/cockpit/389-console
systemctl restart cockpit
# We use the cockpit to activate the security mode

# Open the firewall but we want to close the port later and disable the cockpit service
# NOTE(review): this form opens port 9090 to every source address while the
# Cockpit admin UI is running. To limit exposure, allow only the admin
# workstation instead:
#   ufw allow from <ADMIN_IP> to any port 9090 proto tcp
# or leave the firewall closed and reach Cockpit through an SSH tunnel:
#   ssh -L 9090:localhost:9090 <USER>@<SERVER>
ufw allow 9090

Cockpit SSL

Put the certificates and the key as 1.cert and 1.key in /etc/cockpit/ws-certs.d/, and remove the self-signed ones.

Remove access to cockpit

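# Look up the number of every firewall rule that opens port 9090.
ufw status numbered | grep 9090 
# Replace ???? with a rule number from the output above. ufw renumbers the
# rules after each delete, so run the status command again before removing a
# second entry (for example the IPv6 twin of the rule).
ufw delete ????
# Cockpit is socket-activated: cockpit.socket listens on 9090 and starts
# cockpit.service on demand. Stopping the socket without disabling it only
# lasts until the next boot, so stop and disable the socket first, then the
# service.
systemctl stop cockpit.socket
systemctl disable cockpit.socket
systemctl stop cockpit
systemctl disable cockpit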