Environment
Novell BorderManager 3.8
Situation
IKE log shows IKE_CCS_RSAPrivateKeyEncrypt:
CCS_DataEncryptInit returned error code -1423
Site to Site VPN fails to work
VPN error 1423
Trusted Root Objects were created with Console One and not
iManager.
Trusted Root Objects for VPN are corrupt.
Resolution
Delete Trusted Root Object off the server that is giving you the 1423 error and re-import it with iManager. To do this:
In iManager or Console one, browse to the container with your BorderManager server and find the "TRC - [servername]" container. Go inside this trusted root container and find the Trusted Root object for the problem server and delete it. You should be able to tell this by the IKE loggiving you the 1423 error when trying to connect to this server.
In iManager or Console one, browse to the container with your BorderManager server and find the "TRC - [servername]" container. Go inside this trusted root container and find the Trusted Root object for the problem server and delete it. You should be able to tell this by the IKE loggiving you the 1423 error when trying to connect to this server.
- Open iManager.
- Select "Novell Certificate Server".
- Select "Create TrustedRoot".
- Choose a name to identify the server.
- Browse to the "TRC - [server name]" on the server and select it.
- Browse to the file of the exported server Certcertificate, from when you exported it the first time.
- Click "OK" - it should say "Complete Success".
- Click OK.