Environment
Novell Access Manager 3.1
Novell Access Manager 3.1 Interim Release 2
All Novell Access Manager have been installed on XEN virtual machines
Novell Access Manager 3.1 Interim Release 2
All Novell Access Manager have been installed on XEN virtual machines
Situation
- The Novell Embedded Service Provider (NESP) does not start all of the required SSL listeners.
- The returned error message in such a situation is:
"CCS_UnwrapKey() failed with an error [-1403], while unwrapping the key with machine key. unwrap_with_machine_key() failed with an error [-1403], while unprotecting data.(kLen:165-0) decrypt:File (/opt/novell/conf/keys/newCStuff/alternate-prod_czebox_cz.altbuf) does not exist."
- After restarting the LAG eventually all services will come up
Resolution
Use the touchfile "/opt/novell/conf/keys/.useAlternate" on the LAG to address this issue.
Additional Information
On XEN virtual hosts NICI runs into timing issues not being able to
get the required passwords while trying to access certificates. This
touchfile will make use of another process accessing certificates
(bypassing NICI)