Novell is now a part of Micro Focus

My Favorites


Please to see your favorites.

Error: "-678" when creating a Certificate Authority object with ConsoleOne

(Last modified: 21Apr2003)

This document (10082074) is provided subject to the disclaimer at the end of this document.


Novell NetWare 5.1

Novell NetWare 6.0

Novell eDirectory 8.6 for All Platforms

Novell eDirectory 8.7 for All Platforms

Novell ConsoleOne


Error: "-678" when creating a Certificate Authority object with ConsoleOne

Error: "678 -678 0xFFFFFD5A = ERR_DUPLICATE_ACL"

Error: "There was an error while trying go create the Organizational Certificate Authority. You need to delete the Organizational Certificate Authority object, if it exists, and start the creation process again. The error code is: -678 ".

The created Certificate Authority reports "This Organizational Certificate Authority is damaged. It must be deleted and recreated"


When trying to create the Certificate Authority the process adds an ACL entry for the Security container. This part of the process gives rights to [Public] to read the NDSPKI:Tree CA DN attribute. If there is a pre-existing ACL entry for this attribute and Public that has more rights, the process stops and reports this error.


Within ConsoleOne open the Properties of the Security object (the one right under the root of your tree). Choose the NDS Rights | Trustees of this object tab.

You should have an entry called [Public] (or more than one). Chose this entry (or each of them) and press the Assigned Rights button. This will display the rights explicitly assigned to Public. If one of these entries shows the NDSPKI:Tree CA DN attribute and the rights assigned are more than just Read, you've found your problem. Remove the extra rights and just leave the Read right.

This should be enough for the process of creating the CA to continue.


The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

  • Document ID:
  • 10082074
  • Solution ID: NOVL88556
  • Creation Date: 11Apr2003
  • Modified Date: 21Apr2003
    • NetIQeDirectory

Did this document solve your problem? Provide Feedback