I have tried to follow the HOWTO from http://web.singnet.com.sg/~garyttt .But I got lost at "Step 3: Create OpenLDAP Server". I
copied the cr_ssl_certs_openldap.sh but I got the following
problem:
#
./cr_ssl_certs_openldap.sh
: bad interpreter: No such file or directory The content of the cr_ssl_certs_openldap.sh
is:
#! /bin/sh
# # cr_ssl_certs_openldap.sh - Create self-signed SSL Certs for OpenLDAP server # # Gary Tay, 6-Mar-2004 # mkdir demoCA >/dev/null 2>&1 cd demoCA mkdir certs crl newcerts private >/dev/null 2>&1 echo "01" > serial cp /dev/null index.txt # Un-comment next two lines for RedHat
cp /usr/share/ssl/openssl.cnf openssl.cnf ETC_OPENLDAP=/etc/openldap # Un-comment next two lines for Others #cp /usr/local/ssl/openssl.cnf openssl.cnf #ETC_OPENLDAP=/usr/local/etc/openldap sed -e 's/GB/SG/' \
-e 's/Berkshire/Singapore/' \ -e 's/Newbury/Singapore/' \ -e 's/My Company Ltd/Example Company Ltd/' \ openssl.cnf > openssl.cnf.new mv openssl.cnf.new openssl.cnf echo "Creating CA cert..."
echo "Please enter server's FQDN when prompted for Common Name:" openssl req -new -x509 -keyout private/cakey.pem -out cacert.pem \ -days 3650 -config openssl.cnf echo "Creating server cert..."
echo "Please enter server's FQDN when prompted for Common Name:" openssl req -new -x509 -nodes -keyout newreq.pem -out newreq.pem \ -days 3650 -config openssl.cnf echo "Self signing server cert..." echo "Please enter server's FQDN when prompted for Common Name:" openssl x509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem cd .. openssl ca -config demoCA/openssl.cnf -policy policy_anything \ -out demoCA/newcert.pem -infiles demoCA/tmp.pem rm -f demoCA/tmp.pem echo "Please copy CA Cert, New Cert and Key to OpenLDAP config dir..." echo "using the following commands" echo "cp demoCA/cacert.pem $ETC_OPENLDAP" echo "cp demoCA/newcert.pem $ETC_OPENLDAP/slapd-cert-ldap1.pem" echo "cp demoCA/newreq.pem $ETC_OPENLDAP/slapd-key-ldap1.pem" echo "chmod 640 $ETC_OPENLDAP/slapd-key-ldap1.pem" # Uncomment for RedHat echo "chown ldap:ldap $ETC_OPENLDAP/*.pem" # Uncomment for Others #echo "chown ldap:daemon $ETC_OPENLDAP/*.pem" echo "" Please help.
Best Regards,
Kevin
Ho |