Platform Certificate Expiration time set to expire in 60 days

  • 3007885
  • 23-Oct-2007
  • 26-Apr-2012

Environment

Novell Identity Manager Driver - Core Fan Out
Novell Identity Manager 3.5

Situation

In Fanout Utilities under Component Status, the Certificate Expiration time for Platforms are set to expire in 60 days even though the core driver certificate is set to expire in 10 years.

Resolution

60 days is the default time value if it cannot find a value for the ASAM-certDelayExpireTime attribute on the Certificate Services object under the "ASAM System".
The attribute is on the Certificate Services.Manager Services.ASAM System.
To fix the problem perform the following steps:
1. Check this attribute value. It should be a number (the number of days), which defaults to 3650 (or 10 years).
2. Change the value if needed (recomended value is 3650)
3. After changing this attribute, the Fanout driver should be restarted.
4. The platforms need to get new certificate expiration dates. To do this run the Platform receiver with a -s option to get new certificates created for the Platform receiver.
5. Stop and restart the Platform receiver. The Certificate expiration time should correctly show an expiration time other than 60 days out.