Draft CA Wiki
Starting point for Certificate Authority wiki -- for those who need to move their CA
Anders says, "Make sure that you create the new one in a format that you can backup."
Richard suggests the following for health checks:
"To examine the CA and W0 objects in the Security container and make sure they're correct, check the following things (from memory, incomplete list):
- Security's NDSPKI:Tree CA DN=correct
- W0's NDSPKI:SD Key ServerDN=correct
- CA's Host Server=correct
- Validate Org Certificate Authority's certs"
A couple of TIDs to remember:
TID 3392944: Cross Platform PKIDIAG - recreating server certificates
TID 10100262: "How to renew a server certificate for VPN server"
TID 3618399: "How do I move the Organizational CA to another server?"
TID 3623407: "Certificate Server Issues-Removing a Server from a Tree"
TID 10090166: "VeriSign Intermediate CA Replacement Instructions for NetWare 6 and NetWare 6.5"
TID 10074694: "NICI 1418 Errors"
The ConsoleOne documentation --
For NW5.1 and NW6.0 --
TID 10050254: 'Reinstalling Certificate Server"
TID 10060118: "How do I move the Organizational CA to another server? "
TID 10065940: "Moving the Certificate Authority"
For NW6.0 --
TID 10071751: "Backing up and Moving the Tree Certificate Authority"
- TID article
- This TID was verified to work on eDir 8.8.2 with a Netware \ Linux Mixed Tree as well (Not by Novell)
This Wiki artcle can help with the tranistion to Linux, if you need it:
Other Key Words to Study
- Key Material Object
Room for Corrections
Looking forward to the sysops' notes on this page.