Novell Home

My Favorites

Close

Please to see your favorites.

iManager - CA create just refreshes when trying to import a certificate to create a new CA

This document (7008700) is provided subject to the disclaimer at the end of this document.

Environment

Novell iManager Plugins - Novell Certificate Server

Situation

Trying to move a CA from one server to another.

Exported the CA  - included private key and added a password
Deleted the CA object from eDirectory
Created a new CA choosing to import with the export previously created.

The iManager Certificate Server plugin keeps refreshing when attempting to finish the process but never continues.

Troubleshooting:

Manually created a test CA
Exported the test CA with private key and set password
Deleted test CA
Created a new CA using import - this time the process completes as expected.

Troubleshooting:

Tried using ConsoleOne to import the export of the CA.
ConsoleOne returned an error:  -1443  which is DS_T_NICI_E_SIGNATURE_INVALID  0xFA5D  NICI E SIGNATURE INVALID

Troubleshooting:

Tried using openssl to create a pem file from the export of the CA.
openssl pkcs12 -in cert.pfx -out cert.pem

When prompted for the password, openssl returned the password was incorrect.


Resolution

Export of the CA has been saved with a different password than the one which was being used to import the certificate.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7008700
  • Creation Date:03-JUN-11
  • Modified Date:27-APR-12
    • NovellPKIS (Certificate Server)
    • NetIQeDirectory
      iManager

Did this document solve your problem? Provide Feedback