Environment
Novell Open Enterprise Server (OES) Support Pack 1 Linux
Mono
iFolder 3.x
Situation
A certificate has been changed in eDirectory (or on the LDAP
server), and iFolder 3.x has stopped functioning. The
certificate is regenerated or repaired, but iFolder 3.x continues
to be non-functional.
Resolution
The certificate must be deleted and then repaired. This is
done by :
certmgr -list -c -m Trust
This command gives a list of the current certificates listed. The certificate in question may still show up as a valid certificate. However, if it does not match the certificate on the LDAP server, the connection will fail.certmgr -del -c -m Trust {the unique hash value of the cert to delete}
This command should be run with the unique hash value of the certificate from the previous step - and should refer to the server that had the certificate repair performed./etc/init.d/apache2 stop
This command stops apache and Simias services. If not performed, Simias (and Mono) will continue to recognize that the certificate is still in the keystore.certmgr -ssl ldaps://0.0.0.0:636 -c -m Trust
The above command will import the new certificate from the ldap server at the IP address of 0.0.0.0 (change this to an appropriate IP address). When running this command, the prompt to import the certificate will occur at least twice. Answer yes to both times./etc/init.d/apache2 start
This command restarts the Apache, Mono, and Simias (iFolder 3.x) services, and should have the iFolder 3.x system operational.