iManager - CA create just refreshes when trying to import a certificate to create a new CA
This document (7008700) is provided subject to the disclaimer at the end of this document.
Environment
Novell iManager Plugins - Novell Certificate Server
Situation
Trying to move a CA from one server to another.
Exported the CA - included private key and added a password
Deleted the CA object from eDirectory
Created a new CA choosing to import with the export previously created.
The iManager Certificate Server plugin keeps refreshing when attempting to finish the process but never continues.
Troubleshooting:
Manually created a test CA
Exported the test CA with private key and set password
Deleted test CA
Created a new CA using import - this time the process completes as expected.
Troubleshooting:
Tried using ConsoleOne to import the export of the CA.
ConsoleOne returned an error: -1443 which is DS_T_NICI_E_SIGNATURE_INVALID 0xFA5D NICI E SIGNATURE INVALID
Troubleshooting:
Tried using openssl to create a pem file from the export of the CA.
Exported the CA - included private key and added a password
Deleted the CA object from eDirectory
Created a new CA choosing to import with the export previously created.
The iManager Certificate Server plugin keeps refreshing when attempting to finish the process but never continues.
Troubleshooting:
Manually created a test CA
Exported the test CA with private key and set password
Deleted test CA
Created a new CA using import - this time the process completes as expected.
Troubleshooting:
Tried using ConsoleOne to import the export of the CA.
ConsoleOne returned an error: -1443 which is DS_T_NICI_E_SIGNATURE_INVALID 0xFA5D NICI E SIGNATURE INVALID
Troubleshooting:
Tried using openssl to create a pem file from the export of the CA.
openssl pkcs12 -in cert.pfx -out cert.pemWhen prompted for the password, openssl returned the password was incorrect.
Resolution
Export of the CA has been saved with a different password than the one which was being used to import the certificate.
Disclaimer
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7008700
- Creation Date:03-JUN-11
- Modified Date:27-APR-12
- NovellPKIS (Certificate Server)
- NetIQeDirectoryiManager
Did this document solve your problem? Provide Feedback