Possible bug in IDM 4.7 eDirectory Driver

After upgrading the first environment to eDir 9.1 and IDM 4.7 I found, the eDir driver would not be able to be started.

In this case the only meaningful information on the driver trace is:

[03/07/18 07:11:40.233]:LegacyNDS ST:LegacyNDS: Error occured while getting socket factory. Reason : null

On the changelog side nothing actually happens. I deleted the whole configuration and cache files there and those files were not re-ccreated.

Diving deeper into it, I found that it is an LDAPS negotiation problem. The driver was configured to "Always trust the certificate" but for one or the other reason the temporay keystore was not created. The hint to this issue is coming up at the time the driver is stopped.

[03/07/18 07:11:40.772]:LegacyNDS ST:LegacyNDS: EdirPublisher.stop() : Unexpected error occured while stopping driver. Reason : Other
[03/07/18 07:11:40.773]:LegacyNDS ST:LegacyNDS: Cleaning up auto keystore : eDir2eDir-972304D5-91CB-4055-12BF-D5042397CB91.keystore

During runtime there is not such a file created! As long as I understood from one or the other article this file should be available!

The only way I found to start the updated eDirectory drivers again, was to re-configure the drivers to use a individual keystore. This keystore must contain the trusted root CA certificates from the CA chain used to singn the remote's server LDAP certificate.

Even strange: I was only able to stert the driver with the individual keystore configured - putting the same CA certificates to the keystore of the engines JRE (/opt/novell/eDirectory/lib64/nds-module/(jre/lib/security/cacerts) did not help to start the drivers.

I have an open SR on this issue, but I wanted to check if anybody else had run into this one. In this case, did you found an other solution?

Kind regards,