Windows Admin Console certificate problems when selecting non-default LDAP ports during installation

  • 7001821
  • 07-Nov-2008
  • 26-Apr-2012

Environment

Novell Access Manager 3 Windows Novell Identity Server
Windows 2003 Server running Support Pack 2
Windows Active Directory LDAP server already running on default 389/636 TCP ports

Situation

When installing the Admin Console onto a server that already has LDAP TCP ports 389 and 636 listening, the administrator is correctly prompted for new TCP ports for LDAP and LDAPS. The installation accepted the newly entered TCP ports (390 and 637, for example) and the local eDirectory config store appeared to install without problems. No errors were reported in the installation logs.

However, when the administrator tried to install the Identity Server component, the step that creates the default certificates and keystores failed. Tomcat would fail to start and the keystores referenced in the server.xml (/tec/opt/novell/tomcat5) were never created. The C:\FilesINF.keystore was also not created.

Resolution

Do not install the Admin Console on non-standard TCP ports. Make sure that the only LDAP server active on the system is the one that will be used by the Access Manager setup.
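
A pre-installation check for the condition described above, added here as an example and not part of the original Novell document: it parses `netstat -ano` output and reports any process already listening on TCP 389 or 636. The sample output, PIDs and function names are constructed for illustration.

```python
import subprocess
import sys

LDAP_PORTS = (389, 636)  # default LDAP / LDAPS ports named in this article

# Constructed `netstat -ano` output for illustration (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       712
  TCP    0.0.0.0:389            0.0.0.0:0              LISTENING       428
  TCP    0.0.0.0:636            0.0.0.0:0              LISTENING       428
  TCP    0.0.0.0:3890           0.0.0.0:0              LISTENING       1900
  TCP    10.0.0.5:1044          10.0.0.9:389           ESTABLISHED     1500
  UDP    0.0.0.0:389            *:*                                    428
"""


def ldap_listeners(netstat_text, ports=LDAP_PORTS):
    """Return sorted (port, pid) pairs for TCP listeners on the given ports."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Listening TCP rows have five columns: proto, local, foreign, state, pid.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        port_text = fields[1].rsplit(":", 1)[-1]  # also handles [::]:389
        if port_text.isdigit() and int(port_text) in ports and fields[4].isdigit():
            found.add((int(port_text), int(fields[4])))
    return sorted(found)


def preinstall_check(netstat_text):
    """Return True when no process already owns the default LDAP ports."""
    conflicts = ldap_listeners(netstat_text)
    for port, pid in conflicts:
        print(f"TCP {port} already has a listener (PID {pid}); free it before installing")
    return not conflicts


if __name__ == "__main__":
    # With --live, read the real table on the Windows host; otherwise use the sample.
    live = "--live" in sys.argv
    text = subprocess.check_output(["netstat", "-ano"], text=True) if live else SAMPLE_NETSTAT
    sys.exit(0 if preinstall_check(text) else 1)
```

The reported PID can be matched against the process list to identify which service (for example, an existing directory server) holds the port.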