Replacing SSL Certificate does not succeed for Open Directory, works for all other services

Originator: scott.corscadden
Number: rdar://15914873
Date Originated: 2014/01/27
Status: Open
Resolved:
Product: OS X Server
Product Version: 10.9
Classification:
Reproducible: Didn't try
 
Summary:
Simply try to import a new certificate (a real one, paid for) and make it the one used to secure all services.

Steps to Reproduce:
* 10.9 (stock) system, i.e., 10.9.1 upgrades not yet applied.
* Using a real (i.e., paid for) SSL wildcard certificate, everything worked for securing all services.
* Now that we've got a new (updated) certificate, we were able to "Import new Certificate Identity..." with no issue.
* Attempting to choose that new cert for "Secure services using" now shows "2 certificates chosen". Looking at each service in detail, the only service still on the OLD (soon to expire) certificate is the Open Directory service - all other services successfully took the new one.
* Attempt to manually change the certificate specifically for Open Directory, using the "Custom" pulldown. 


Expected Results:
I expected Open Directory to also use the new certificate. I also expect that if I change a specific service to use a new certificate, that would work, or there'd be an error in /var/log/system.log (there is not a peep).

Actual Results:
Open Directory stubbornly refuses to take the new certificate, and does not issue any errors anywhere that I can see.

Version:
10.9, stock.

Comments

Marked as duplicate of 15691451


By scott.corscadden at Feb. 6, 2014, 3:56 p.m.
