iFolder Recovery Agent Certificates cannot be removed from the Recovery Agent list

  • 7002594
  • 09-Feb-2009
  • 27-Apr-2012

Environment

Novell iFolder 3.7
Novell Open Enterprise Server 2 (OES2)

Situation

A Recovery Agent is used to sign public key certificates. Recovery Agent Certificates (RAC) are public key certificates used to encrypt the data encryption key. Within the context of iFolder, a Recovery Agent can be used to reset a user's passphrase. This is done from the iFolder client by selecting Security > Reset Passphrase, where a drop-down list of Recovery Agents can then be accessed.

During the installation of the iFolder server, the admin is prompted to define a location for the certificates. Once a certificate has been created, it can be copied into this directory. iFolder copies the certificate into its database and uses it as a Recovery Agent. If a certificate is later removed from this directory, iFolder continues to make it available to users because it still exists in the database. Certificates cannot be removed from the database and are therefore still presented to users in the iFolder client.

Resolution

A fix for this issue was included in iFolder 3.8 (OES2 SP2).

Additional Information

iFolder server database [default location]:
/var/simias/data/simias/FlaimSimias.01

For more detailed information on the RAC see the iFolder documentation:
https://www.novell.com/documentation/