32.4 Restoring the Certificate Authority

To restore the certificate authority files on the Primary Server that is configured to be the ZENworks internal certificate authority:

  1. At the command prompt of the ZENworks Server, enter the following zman command:

    zman certificate-authority-import (certificate-authority-import/cai) (file path)

    This command imports the key-pair credentials of the zone certificate authority from a file. For more information about zman certificate authority commands, see zman(1) in the ZENworks 11 Command Line Utilities Reference.

  2. Enter the username and password of the administrator of the Management Zone.

  3. Enter the file encryption passphrase you specified when you backed up the certificate authority files (Step 3 in Section 32.3, Backing Up the Certificate Authority).

  4. Manually open the CaConfig.xml file, which is located in ZENworks_installation_directory\conf\security\ directory on Windows and in the /etc/opt/novell/zenworks/security/ directory on Linux, to ensure that the <Keystore> tag contains the correct path of zenca.keystore. The zenca.keystore file is located by default in the ZENworks_installation_directory\security\ directory on Windows and in the /etc/opt/novell/zenworks/security/ directory on Linux.

  5. (Conditional) If you edit the zenca.keystore path in the CaConfig.xml file in Step 4, you must restart the Novell ZENworks Server service:

    • On Windows: Do the following:

      1. From the Windows desktop Start menu, click Settings > Control Panel.

      2. Double-click Administrative Tools > Services.

      3. Restart Novell ZENworks Server.

    • On Linux: At the console prompt, enter /etc/init.d/novell-zenserver restart.