to use a custom certificate for HTTP instead. This should be configurable by
modifying the HTTP Server Object (with iManager or directly with ldap), by
putting the cn of the desired certificate into the httpKeyMaterialObject attribute.
see: edirectory administration guide:
unfortunately it is ignored by edirectory.
if i delete 'cn=SSL CertificateDNS - <myserver>' altogether i can no longer connect
to the server, regardless that the http-object is specifying another certificate.
release notes of edirectory 9.0.4 speak of
SSL CertificateDNS Is Not Always Used for httpkeymaterialobject Attribute of the HTTP Server Object#
Issue: SSL Certificate DNS is used as a default certificate for the httpkeymaterialobject attribute of the HTTP server object. However, this certificate is not always selected for the httpkeymaterialobject attribute of the HTTP server object during eDirectory installation.
Fix: This release resolves this issue. This certificate is automatically selected for the httpkeymaterialobject attribute during eDirectory installation.
might be related ..?
anyone knows of such an issue pre 9.0.4 or how to get it working?
thanks in advance, florian