The following procedure is for installing a wildcard cert and key paid from Let's Encrypt for the 389 Directory Server.
-
Use the 389 Console gui to create a certificate database db and to import the Let's Encrypt certificate chain cert (which will be in PEM format). See secs. 9.1.3.2 and 9.3.3.2 of the Red Hat Directory Server Administration Guide for details.
-
Create a pin.txt file under /etc/dirsrv/slapd-[instance name]:
Internal (Software) Token:agoodpassword