RE: Mozilla NSS / OpenLdap 2.4.23 cert not readable?

Sorry for the

-----Original Message----- From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical- bounces@OpenLDAP.org] On Behalf Of Aaron Bennett Sent: Friday, December 16, 2011 10:29 AM To: richm@stanfordalumni.org Cc: openldap-technical@openldap.org Subject: RE: Mozilla NSS / OpenLdap 2.4.23 cert not readable?

I wonder if I'm doing something obvious wrong generating my cert -- here's the commands I used:

So I dug more and that was almost all wrong, I'd gotten it from a the Mozilla docs. The command that worked is:

certutil -S -s "CN=animal.clarku.edu, O=Clark University ITS, L=Worcester, ST=Massachusetts, C=US" -p "508-793-7745" -x -t "P,P,P" -n animal.clarku.edu -d /etc/openldap/nssdb

That's it... no intermediate steps.