Jon Dufresne wrote: > On Tue, 2012-03-20 at 18:24 -0600, Rich Megginson wrote: >> That's not your problem, nor is it specific to Oracle: >> TLS: could not add the certificate (null) - error -8018:Unknown PKCS #11 >> error.. >> TLS: /etc/openldap/cacerts/addtrust-ca.crt is not a valid CA certificate >> file - error -8018:Unknown PKCS #11 error.. >> >> Can you paste your /etc/openldap/cacerts/addtrust-ca.crt? > > My user does not have permission to read this file. The file's > permissions are: > > -rw-------. 1 root root 1521 Mar 12 15:28 addtrust-ca.crt > > Now that it is pointed out, this seems incorrect. Should this be changed > to mode 644? There's no point to set this strict permissions. Public-key CA certs are just that: public. So 0644 file permissions seems most appropriate. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature