Invalid self signed certificate will cause Authentication Satellite to be ignored
This document (7005895) is provided subject to the disclaimer at the end of this document.
[DEBUG] [05/03/2010 16:52:35.093]  [ZenworksWindowsService]   [CertManager.SubjectIsHost]  [Subject in certificate is : CN=SATELLITE., OU=ZENworks Authentication Server, O=ZENworks Configuration Management]  
[DEBUG] [05/03/2010 16:52:35.093]  [ZenworksWindowsService]   [RemotingService]  [Filtered zone config list is:]  
Note: This applies to Satellites using self-signed certificates only.
- To confirm the certificate, use the url (substitute proper satellite fqdn and port): https://satellite.novell.com:443/CasaAuthTokenSvc.
- If the browser generates a certificate error, inspect the certificate to determine whether it has the appropriate Fully Qualified Domain Name (FQDN).
- If the certificate has only the short name (for example satellite instead of satellite.novell.com and it was self signed (no external certificate), then it must be re-minted.
- Confirm that the Windows device Control Panel > System > Computer Name > Change Computer Name > More >Primary Dns Suffix is correct.
- Run zac asr to reset satellite service
Demote (remove the Authentication role) from the satellite device ZCC > Configuration > Server Hierarchy .
Refresh the device with Z Icon so that the role is removed.
Promote (add the Authentication role) the device again.
- Verify that the certificate is correct, and that the agent logging in shows it in the filtered device list in zmd-messages.log .
- Demote the device per the steps above.
- Create a text file %ZENWORKS_HOME%/conf/jettyconfig.xml with the following contents (substitute the proper fqdn of the satellite):
<JettyConfigInfo xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance " xmlns:xsd=" http://www.w3.org/2001/XMLSchema ">
<DName>cn=satellite.novell.com,ou=ZENworks Authentication Server,o=ZENworks Configuration Management</DName>
- Promote the device per the steps above and test the certificate.
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7005895
- Creation Date:04-MAY-10
- Modified Date:27-APR-12
- NovellZENworks Configuration Management
Did this document solve your problem? Provide Feedback