DSfW: failed to log into the 'Feature Provisioning Wizard'

  • Document ID:7014602
  • Creation Date:20-Feb-2014
  • Modified Date:24-Jul-2014
    • Micro Focus Products:
      eDirectory
      Open Enterprise Server
    • SUSE Products:
      SUSE Linux Enterprise Server

Environment

Novell Open Enterprise Server 11 SP2 (OES11SP2)
Domain Services for Windows
DSfW

Situation

Failed to log into the  'Feature Provisioning Wizard' with admin and/or administrator

Resolution

Taking a ndstrace show:
TLS accept failure 1 on connection 0xe189c00, setting err = -5875. Error stack: 
error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown - SSL alert number 46

The SSL Certificate DNS  and all other certificates validate.
Looking at the subject for the SSL Certificate DNS show an IP address instead of the dns name.

Delete the SSL Certificate DNS and recreate the cert by either 
1) Running the command  ndsconfig upgrade 
or
2) In iManager use the Novell Certificate Server role | Create Default Certificates task | select the server in question | click next | verify the DNS name is correct for the SSL Certificate DNS | click next | click Finish | click Close.


Additional Information

To see the subject of a certificate, edit the SSL Certificate DNS object for this DSfW server using iManager, click on the certificates tab | click on Attributes | click on Subject Name and view the subject name.  For the SSL Certificate DNS it should be an the DNS name, not an IP address.