Environment
Novell iManager Plugins - Novell Certificate Server
Situation
Trying to move a CA from one server to another.
Exported the CA - included private key and added a password
Deleted the CA object from eDirectory
Created a new CA choosing to import with the export previously created.
The iManager Certificate Server plugin keeps refreshing when attempting to finish the process but never continues.
Troubleshooting:
Manually created a test CA
Exported the test CA with private key and set password
Deleted test CA
Created a new CA using import - this time the process completes as expected.
Troubleshooting:
Tried using ConsoleOne to import the export of the CA.
ConsoleOne returned an error: -1443 which is DS_T_NICI_E_SIGNATURE_INVALID 0xFA5D NICI E SIGNATURE INVALID
Troubleshooting:
Tried using openssl to create a pem file from the export of the CA.
Exported the CA - included private key and added a password
Deleted the CA object from eDirectory
Created a new CA choosing to import with the export previously created.
The iManager Certificate Server plugin keeps refreshing when attempting to finish the process but never continues.
Troubleshooting:
Manually created a test CA
Exported the test CA with private key and set password
Deleted test CA
Created a new CA using import - this time the process completes as expected.
Troubleshooting:
Tried using ConsoleOne to import the export of the CA.
ConsoleOne returned an error: -1443 which is DS_T_NICI_E_SIGNATURE_INVALID 0xFA5D NICI E SIGNATURE INVALID
Troubleshooting:
Tried using openssl to create a pem file from the export of the CA.
openssl pkcs12 -in cert.pfx -out cert.pemWhen prompted for the password, openssl returned the password was incorrect.
Resolution
Export of the CA has been saved with a different password than the one which was being used to import the certificate.