Environment
eDirectory 8.7.3
eDirectory 8.8
ConsoleOne 1.3.6
Novell iManager 2.7
eDirectory 8.8
ConsoleOne 1.3.6
Novell iManager 2.7
Situation
Error: An Organizational Certificate Authority object already
exists. There may be at most one Organizational Certificate
Authority object per NDS tree.
Get message in ConsoleOne that a CA already exists in the tree even though it does not.
Installing Certificate Server give "-603" error
"NDSPKI:Tree CA DN" attribute exists even though a CA does not
Get message in ConsoleOne that a CA already exists in the tree even though it does not.
Installing Certificate Server give "-603" error
"NDSPKI:Tree CA DN" attribute exists even though a CA does not
Resolution
Using ConsoleOne or iManager, go to the Other tab on the
properties of the Security Container. Highlight the "NDSPKI:TREE CA
DN" and click the "Delete" button. You should now be able to create
the new Certificate Authority.
Additional Information
There is an attribute on the Security Container, "NDSPKI:Tree CA
DN". The value of this attribute should point to the DN of the CA.
The attribute should be deleted automatically when the CA gets
deleted. In this case the CA did not exist but the attribute on the
Security Container did. The value on the attribute was the DN
of an Organization object.
Formerly known as TID# 10100823
Formerly known as TID# 10100823