Recreating PKI certificates on Linux
Novell Cool Solutions: Question & Answer
Reader Rating 
Q:
If I were to create a new CA, I would use pkidiag on all of my NetWare
servers to recreate the certificates. What is the equivalent utility/steps
to recreate the PKI certificates on an OES Linux SP1 platform?
A:
Once you recreate your CA you have a couple of options. First, delete your KMO's (Key Material Objects) and your SAS objects for the servers. Now for the pkidiag-sort-of-equivalent: "ndsconfig upgrade" ...
In theory that will recreate your SAS and KM objects. I've had good luck
with it, anyway. I believe it is covered in the docs and I would recommend
reading those before proceeding. Also, try one server to make sure it
survives and then go on.
Second option, iManager and/or ConsoleOne. pkidiag makes certificates easy on NetWare - most other platforms have to deal with dozen-parameter commands to do the equivalent creations (fewer checks). Hopefully future versions will see further enhancements but, until then, those two options are present for you.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com