Modifying Core Schema
To modify core schema:
$ ldapmodify -H ldapi:/// -Y EXTERNAL -f /usr/share/pki/ca/database/openldap/schema-mod.ldif
Importing CA Schema
To import CA schema:
$ ldapadd -H ldapi:/// -Y EXTERNAL -f /usr/share/pki/ca/database/openldap/schema.ldif
To check CA schema:
$ ldapsearch -H ldapi:/// -Y EXTERNAL -b "cn={5}ca,cn=schema,cn=config"
Importing CA Base Entries
To import PKI base entry:
$ ldapadd -H ldap://$HOSTNAME:10389 -x -D cn=Manager,dc=example,dc=com -w Secret.123 << EOF
dn: dc=pki,dc=example,dc=com
objectClass: dcObject
objectClass: organization
o: PKI
dc: pki
EOF
To import CA base entries:
$ ldapadd -H ldap://$HOSTNAME:10389 -x -D cn=Manager,dc=example,dc=com -w Secret.123 -f /usr/share/pki/ca/database/openldap/create.ldif
To check CA subtree:
$ ldapsearch -H ldap://$HOSTNAME:10389 -x -D cn=Manager,dc=example,dc=com -w Secret.123 -b "dc=ca,dc=pki,dc=example,dc=com"