Okay, so I found this: To export cert+key from a NSSDB to a p12file: pk12util -d /etc/pki/pki-tomcat/alias -n 'auditSigningCert cert-pki-ca' -o file.p12 To import cert.key from a p12 file to a NSSDB: pk12util -d /etc/pki/pki-tomcat/alias -i file.p12
From Flo's post at: https://lists.fedorahosted.org/archives/list/[email protected]/thread/D2XQT2FNILXW5R6TJKKMPCRQLHZFBHW3/ That import line needs a -n 'certNameHere givenName' added to it. Otherwise, after massaging names and dirs, it seems to have worked for that portion. Now to just get the final three CS.cfg entries straightened out. That may just be a systemctl restart certmonger issue. _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
