Novell ZENworks 10 Configuration Management with Support Pack 3 - 10.3
Cannot deploy Authentication Satellite in one specific scenario:
- Create a zone with external Certificate Authority, with zone Certificate Authority entity called, for example, "Zone CA "
- Create a key pair for "Subordinate CA " entity having Certificate Authority basic constraint and key usage as Certificate Signing.
Sign it using "Zone CA "
- Create a key pair for authenticate satellite, say "Auth Satellite " with Digital Signature and Key Encipherment capability.
Sign it using "Subordinate CA ".
- On a Linux device, attempt to import the "Auth Satellite " via zac iac .
ERROR: The specified server certificate is not signed by the appropriate authority. The Authentication Satellite Server's certificate should be issued by " Zone CA", but the specified certificate is issued by " Subordinate CA"
This is fixed in version 10.3.1 - see KB 7006265 "ZENworks Configuration Management 10.3.1 - update information and list of fixes" which can be found at https://www.novell.com/support