Environment
NetWare 6.5 SP6
NetWare 6.5 SP7
NetWare 6.5 SP8
NetWare 6.5 SP7
NetWare 6.5 SP8
Situation
When certificates become corrupted, expire, or you re-key your tree, it can cause Tomcat to stop loading. This will cause problems with iManager (503 errors).
The typical steps to run in such cases are:
Run pkidiag and choose options 4,5,6 then 0
Run tckeygen
If the problem persists after running these utilities, run tckeygen again and flip to the logger screen to collect information about what the tckeygen process is doing.
The following error may be displayed:
Error importing certificate to keystore: sys:\adminsrv\conf\.keystore
The typical steps to run in such cases are:
Run pkidiag and choose options 4,5,6 then 0
Run tckeygen
If the problem persists after running these utilities, run tckeygen again and flip to the logger screen to collect information about what the tckeygen process is doing.
The following error may be displayed:
Error importing certificate to keystore: sys:\adminsrv\conf\.keystore
Resolution
move/delete the .keystore in the sys:\adminsrv\conf directory and run tckeygen again, watching the logger screen for a success message similar to the following:
Exporting the Host certificate from: localhost
Trying to import Certificate 0 subjectDN=test3.test.com, O=Novell
Trying to import Certificate 1 subjectDN=O=Novell, OU=Organizational CA
java: Class com.novell.application.tomcat.util.EDirectoryIntegrator exited successfully
You will notice that the sys:\adminsrv\conf\.keystore was recreated, and Tomcat should now load.
Exporting the Host certificate from: localhost
Trying to import Certificate 0 subjectDN=test3.test.com, O=Novell
Trying to import Certificate 1 subjectDN=O=Novell, OU=Organizational CA
java: Class com.novell.application.tomcat.util.EDirectoryIntegrator exited successfully
You will notice that the sys:\adminsrv\conf\.keystore was recreated, and Tomcat should now load.