Talk:Recreating Server Certificates on OES Linux

From CoolSolutionsWiki

Contents

[edit]

IP Address Change

Q:I did change IP on my server coz of a business requirement but then my iFolder3, Netstorage, virtual office wont work anymore. I've followed this procedure but I cant get those services working. Is this procedure applicable to solve my problem? or this is not enough and need to do additional configuration which i dont have idea. Please help me..

A:I suggest you ask in the Novell Forums if you have a specific situation. This procedure only fixes SSL certificates, these products should still work (but possibly present warnings) if you change a server's IP address, unless you bound the services to a particular IP address.

[edit]

IP Address Change Follow-Up

Q:I'm sure many newbies like me will very much appreciate if you can also create a cool solution regarding OES Linux server that needs to be reconfigured for a new IP address.

Thank you very much in advance and more power!

A:I'll put it on my Todo list, no guarantees though. In the meantime, you may want to look at TID 10097192

R: THANKS! I've already done the TID 10097192 long before on my first try but it didn't help, might be due to vague instructions. I'll wait on your cool solution regarding my request. more power!

[edit]

Certificate Hierarchy / Path

Q: Hi, done this a few times on a number of servers and found it really useful. I've used both C1 and iManager to create the certificate and to export it. I have enabled the certs to be used with both Apache and NRM. I have noticed though that when you access the site, the Certificate Hierarchy /Path is missing in both IE and Firefox, whereas it always shows the Organization CA as the trusted root for Netware servers. Am I missing something, or is this a quirk of the methodology?


Q: We just migrated our NW 6.5 GroupWise server to OES Linux. It went this way:

NetWare server's orginal IP address 10.1.0.8

Linux server's original IP address 10.1.100.8

After the migration, we wanted the Linux server to have the NW server's original IP address because all the clients, firewalls, spamassassin, etc. pointed to it, so we changed them thus:

NetWare server's new IP address 10.1.200.8

Linux server's new IP address 10.1.0.8

I discovered that I could not run either NoRM or iManager from the Linux server. This error always appears:

You have received an invalid certificate. . . .. .. Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number.

No doubt switching the IP addresses caused some confusion regarding who was supposed to have which certificate. In researching this, I came upon this Cool Solution and attempted to go through it. However, I immediately hit a problem. When I run ndsconfig update, everhthihg looks normal till it gets to the end. Here is the last thing written to the screen before it returns to the command prompt:

Novell eDirectory LDAP Server TCP port is not listening. Novell eDirectory LDAP Server TLS port is not listening.

No eDirectory certs are created. Now, this Linux server has a replica on it, but it is not running any LDAP server, as none was installed by default and I have not read anything so far that encouraged me to install one. Is that what I am lacking here?

Richard White Mason County, Washington

[edit]

New Server in Existing Tree

Bypassed Certificate creation by Yast during install. iManager was not working. Located two articles TID 3911570 and then this link at coolsolutions. I was able to get things to work following this procedure. However, the TID outlines process to create the root certificate that is local to the server rather than from eDir. Any comments of the relationship between these two?

Retrieved from "http://wiki.novell.com/index.php/Talk:Recreating_Server_Certificates_on_OES_Linux"