Novell is now a part of Micro Focus

My Favorites

Close

Please to see your favorites.

Importing certificate to keystore after eDirectory CA recreation

This document (7006793) is provided subject to the disclaimer at the end of this document.

Environment

Novell eDirectory 8.7
Novell eDirectory 8.8
Novell Open Enterprise Server 2 (OES 2) Linux
Novell Open Workgroup Suite (NOWS)
Novell Open Workgroup Suite Small Business Edition (NOWS SBE)
SUSE Linux Enterprise Server 9
SUSE Linux Enterprise Server 10
Novell NetStorage

Situation

After CA recreation in eDirectory the Catalina.out file shows the error " Caused by: java.security.cert.CertPathValidatorException: The certificate issued by OU=Organizational CA, O=Novell is not trusted; "

Resolution

  1. From iManager or ConsoleOne
  2. Go to CA properties.
  3. Under Certificates export the Self Signed Certificates with the name trustedrootcert.der and save it to the filesystem.
  4. Copy the trustedrootcert.der to the linux filesystem.
  5. Use the keytool utility to import the trustedrootcert.der to the keystore file /var/opt/novell/tomcat5/conf/cacerts with the following command
    keytool -import -alias <alias_name> -file <location of exported der file> -keystore /var/opt/novell/tomcat5/conf/cacerts
  6. Restart eDirectory with the rcndsd restart command
  7. Restart Tomcat (command varies with platform. Usually something like rctomcat5 restart)
  8. Verify that the error is gone by checking the Catalina.out file and doing the required operation.



Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7006793
  • Creation Date:06-SEP-10
  • Modified Date:07-FEB-14
    • NovellNetStorage
      Open Workgroup Suite - Small Business Edition (NOWS SBE)
    • SUSESUSE Linux Enterprise Server
    • NetIQeDirectory

Did this document solve your problem? Provide Feedback