If you are upgrading Identity Manager and the eDirectory driver, you might encounter data synchronization errors if your certificates have expired (or if one of the two certificates has expired).
If you create a user on the server that holds a valid certificate, the user won't be synchronized to the server containing the invalid certificate. Also, you might see the following error in DSTrace:
SSL handshake failed, X509_V_CERT_HAS_EXPIRED
SSL handshake failed, SSL_ERROR_ZERO_RETURN,
If you create a user on the server that holds an expired certificate, the user will still be synchronized to the server containing a valid certificate. Also, you might see the following error in DSTrace:
Error: 14094415: SSL Routines: SSL_READ_BYTES: sslv3 alert certificate expired.
To fix this issue, create new certificates.