ZENworks errors with wild card certificates

  • 7002655
  • 13-Feb-2009
  • 02-Aug-2012


Novell ZENworks 11 Configuration Management
Novell ZENworks 11 Configuration Management Support Pack 1 - ZCM 11 SP1
Novell ZENworks 10 Configuration Management with Support Pack 3 - 10.3
Novell ZENworks 10 Configuration Management with Support Pack 1 - 10.1


After upgrade from earlier release, all current users always receive error during ZENworks user authentication:

ERROR: "Unable to log into the ZENworks realm because the system has disconnected from the network drive and the specified credentials did not match with the credentials cached on the system."
New users (not cached locally) receive standard login error:
ERROR: Unable to log into the network because the login credentials or the server certificate is incorrect .


Novell ZENworks 10 or 11 Configuration Management does not support using a wild card in the server certificate subject name.  

Additional Information

The server certificate subject name string must match exactly the FQDN of the ZENworks server.  Additionally, ensure that the server certificate validity period is sufficient for extended product use.  Reminting server certificates or CA requires manual steps at all affected workstations and should be avoided.
For more information about how to fix a zone that was built using a wildcard certificate, see the ZENworks Administrator Guide, Disaster Recovery: "Replacing an external server certificate with a new external server certificate issued by the same certificate authority" at https://www.novell.com/documentation/zenworks11/zen11_sys_disaster_recovery/data/bs1gu8a.html
To confirm whether the server certificate is wildcard, view the der file in Windows and see that it has "*" in subject name.