Anonymous_User Absent Member.
Absent Member.
3315 views

PKIDIAG Error -1234

When attempting to run PKIDIAG in FIX mode, I recieve a -1234 error on
both my DNS and IP certificates. Novell 6.0 Sp5. Any ideas on how to
fix this?

Thanks,

Coy
Labels (2)
0 Likes
10 Replies
Anonymous_User Absent Member.
Absent Member.

Re: PKIDIAG Error -1234

Does this help:
http://support.novell.com/techcenter/search/search.do?cmd=displayKC&docType=kc&externalId=10060900html&sliceId=&dialogID=2087849

- Anders Gustafsson, Engineer, CNE6, ASE
NSC Volunteer Sysop
Pedago, The Aaland Islands (N60 E20)

Novell does not monitor these forums officially.
Enhancement requests for all Novell products may be made at
http://support.novell.com/enhancement

Using VA 5.51 build 315 on Windows 2000 build 2195

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: PKIDIAG Error -1234

Try deleting the broken certs from C1 and then let pkidiag recreate them

Cheers Dave


--

Dave Parkes [NSCS]
Occasionally resident at http://support-forums.novell.com/
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: PKIDIAG Error -1234

I attempted this but it tells me I do not have rights. The message
is "You do not have sufficent access rights to the CN=UCPS
Orgasnizational CA.CN=Security certificate authority to create a
certificate." When I try to may admin a trustee of the Security
Container it agains says "You don't have read rights to read the ACLs on
this object. Therefore the inherited rights page and the Trustees of
this object will not be displayed."it agains tell em I don't have rights
in C1. If I look at Trustees in NWADMIN, ADMIN is a trustee of the
container.

> Does this help:
> http://support.novell.com/techcenter/search/search.do?

cmd=displayKC&docType=kc&externalId=10060900html&sliceId=&dialogID=2087849
>
> - Anders Gustafsson, Engineer, CNE6, ASE
> NSC Volunteer Sysop
> Pedago, The Aaland Islands (N60 E20)
>
> Novell does not monitor these forums officially.
> Enhancement requests for all Novell products may be made at
> http://support.novell.com/enhancement
>
> Using VA 5.51 build 315 on Windows 2000 build 2195
>


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: PKIDIAG Error -1234

,
> If I look at Trustees in NWADMIN, ADMIN is a trustee of the
> container.
>

With S rights?

- Anders Gustafsson, Engineer, CNE6, ASE
NSC Volunteer Sysop
Pedago, The Aaland Islands (N60 E20)

Novell does not monitor these forums officially.
Enhancement requests for all Novell products may be made at
http://support.novell.com/enhancement

Using VA 5.51 build 315 on Windows 2000 build 2195

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: PKIDIAG Error -1234

Yes it has supervisor rights. In fact it has all rights except "add
Self". I tried my "Backdoor" user that has all including "Add Self" and
get the same results.

Coy


> > If I look at Trustees in NWADMIN, ADMIN is a trustee of the
> > container.
> >

> With S rights?
>
> - Anders Gustafsson, Engineer, CNE6, ASE
> NSC Volunteer Sysop
> Pedago, The Aaland Islands (N60 E20)
>
> Novell does not monitor these forums officially.
> Enhancement requests for all Novell products may be made at
> http://support.novell.com/enhancement
>
> Using VA 5.51 build 315 on Windows 2000 build 2195
>


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: PKIDIAG Error -1234

,
> Yes it has supervisor rights. In fact it has all rights except "add
> Self". I tried my "Backdoor" user that has all including "Add Self" and
> get the same results.
>

Strange... Does Dave's suggestion help?

- Anders Gustafsson, Engineer, CNE6, ASE
NSC Volunteer Sysop
Pedago, The Aaland Islands (N60 E20)

Novell does not monitor these forums officially.
Enhancement requests for all Novell products may be made at
http://support.novell.com/enhancement

Using VA 5.51 build 315 on Windows 2000 build 2195

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: PKIDIAG Error -1234

Loaded C1 and deleted Old certificates DNS and IP SSL. Ran PKIDIAG in
Diag mode, showed 2 errors. Ran again in FIX mode. Recieved the
following in step 6
Creating IP and DNS Certificates if necessary
Number of Server IP Address = 1
The default IP address is: 10.14.0.50
Problem: A SSl CertificateIP does not exist
Fixing: Creating SSL CetificateIP (10.14.0.50)
Pausing for 5 seconds because of error -1234
ERROR -1234 creating SSLCertificateIP

It then repeates for the SSL CertificatDNS

Step 6 failed -1234

Fixable problems found: 2
Problems fixed: 0
Un-fixable problems found: 0






> Try deleting the broken certs from C1 and then let pkidiag recreate them
>
> Cheers Dave
>
>
> --
>
> Dave Parkes [NSCS]
> Occasionally resident at http://support-forums.novell.com/


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: PKIDIAG Error -1234

-1234 is insufficient rights ?, what user name did you use to login to run
PKIDiag ?

Cheers Dave


--

Dave Parkes [NSCS]
Occasionally resident at http://support-forums.novell.com/
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: PKIDIAG Error -1234

All,

Thanks for your help. It was a rights issue, something happened to the
Admin rights at the root. Once restored it worrked OK

Coy


> -1234 is insufficient rights ?, what user name did you use to login to

run
> PKIDiag ?
>
> Cheers Dave
>
>
> --
>
> Dave Parkes [NSCS]
> Occasionally resident at http://support-forums.novell.com/


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: PKIDIAG Error -1234

<g>, that would do it

Cheers Dave


--

Dave Parkes [NSCS]
Occasionally resident at http://support-forums.novell.com/
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.