Novell Home

My Favorites

Close

Please to see your favorites.

Cross Platform PKIDIAG - recreating server certificates

This document (3392944) is provided subject to the disclaimer at the end of this document.

Environment


Novell Certificate Server (PKIS) 3.1.1
Novell eDirectory 8.8 for All Platforms
Novell iManager 2.6

Situation

Prior to Novell Certificate Server 3.1 and eDirectory 8.8 there was only one utility to recreate a server's default certificates, PKIDIAG. This utility was only available for the NetWare platform.

Resolution

This functionality has now been made available for all platfroms by including the certificate re-creation during the PKI health check and within iManager.

iManager:
Using the Novell Certificate Server plugin version 3.1.20060109 or higher you now have a task called Create Default Certificates under the Novell Certificate Server role for certificate re-creation.


PKI Health Check:
PKI's health check function can be triggered by either resetting the server, stopping and restarting eDirectory services or running an eDirectory repair. The repair must be run either in unattended mode or as a local repair while selecting to lock the database.

When the PKI health check is run on a server that server will recreate its own certificates as well as update the expiration times of all certificates in its home context (where its NCP server object resides). If there are other servers and their certificate objects in this context the health check will update these server's certificates as well. It does not matter whether or not this server actually holds a replica containing its home organization or organizational unit.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:3392944
  • Creation Date:18-AUG-06
  • Modified Date:30-APR-12
    • NovellPKIS (Certificate Server)
    • NetIQeDirectory

Did this document solve your problem? Provide Feedback