Hi All,
When we are creating a server certificate, we are getting the below error. Kindly assist in this.
Thanks.
You do not say it, and the obvious thought would be that it is implied, and yet...
Did you delete the old cert? :) You do not usually Renew a cert in the eDir CA. I guess you probably could.
Instead you delete the old and recreate. (In fact, the "recreate the Default certs" task in iMan deletes and recreates with the same name.) For certs this usually does not matter. It is rare to have a DN reference to a cert (maybe LDAP Server or HTTP server, but I think iManager goes and fixes those for you under the covers).
Usually all you care about in a cert is that it is signed by a trusted CA, which hopefully only changes very rarely (once in 10 years, or in 2037).
One thing to understand about the NetIQ PKI Server:
The object DN will be Cn=CertName - SERVERNAME
This is because you can have 2 or 100 servers in the same OU, and all can have a cert of the same name, yet all be different (or imported from one another and the same) yet be specific to a server. That is, ServerA cannot load a Cert tagged with ServerB.
So I would try an LDAP query of: (objectclass=nDSPKIKeyMaterial) and see if a cert of the name you are creating exists elsewhere in the tree. Maybe someone moved the old cert. Honestly I do not even know if that would continue to work? Does the PKI require the cert in the same container as the Server? Dunno, never tried.
Try and let us know what you find.
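The check suggested in the reply above, as an added example that is not part of the original thread: it builds an escaped filter for the "CertName - SERVERNAME" object and sorts the DNs returned by an (objectClass=nDSPKIKeyMaterial) search into those in the server's container and those elsewhere in the tree. The cert name, server names, containers and DN list are constructed sample values, and the helper names are hypothetical.

```python
import re

# Constructed sample: DNs as a subtree search with the filter
# (objectClass=nDSPKIKeyMaterial) might return them. All names are made up.
SAMPLE_DNS = [
    "cn=SSL CertificateDNS - SRV1,ou=servers,o=acme",
    "cn=SSL CertificateIP - SRV1,ou=servers,o=acme",
    "cn=WebCert - SRV1,ou=old,o=acme",      # same name, outside the server's container
    "cn=WebCert - SRV2,ou=servers,o=acme",  # same cert name, different server
]

def escape_filter_value(value):
    """Escape a value for use inside an LDAP search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)

def kmo_filter(cert_name, server_name):
    """Filter matching the key material object named 'CertName - SERVERNAME'."""
    cn = escape_filter_value("%s - %s" % (cert_name, server_name))
    return "(&(objectClass=nDSPKIKeyMaterial)(cn=%s))" % cn

def split_dn(dn):
    """Split a DN into (cn value, parent container), honouring escaped commas."""
    parts = re.split(r"(?<!\\),", dn, maxsplit=1)
    cn = parts[0].split("=", 1)[1]
    return cn, (parts[1] if len(parts) > 1 else "")

def find_conflicts(dns, cert_name, server_name, server_container):
    """Return (same_place, elsewhere): objects already using the wanted name."""
    wanted = ("%s - %s" % (cert_name, server_name)).lower()
    same_place, elsewhere = [], []
    for dn in dns:
        cn, parent = split_dn(dn)
        if cn.lower() != wanted:
            continue  # different cert name or tagged with a different server
        if parent.lower() == server_container.lower():
            same_place.append(dn)
        else:
            elsewhere.append(dn)
    return same_place, elsewhere

if __name__ == "__main__":
    print(kmo_filter("WebCert", "SRV1"))
    here, moved = find_conflicts(SAMPLE_DNS, "WebCert", "SRV1", "ou=servers,o=acme")
    print("in server container:", here)
    print("elsewhere in tree:  ", moved)
```

An object in the second list is the moved-cert case the reply describes.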