PKIDIAG error -1223500792 and error -1240 seen after changing IP address of server

  • 7008368
  • 13-Apr-2011
  • 27-Apr-2012

Environment

Novell eDirectory 8.8 for NetWare 6.5
Novell NetWare 6.5

Situation

After changing the IP address of a Netware 65 server, user ran PKDIAG to regenerate the servers certificates.  Upon running PKIDIAG They received the following error:

Error -1223500792 The KMO SSl Certificate IP exists, but I cant decode it.
Error -626 creating SSl CertificateIP

Error -1240 The KMO SSL CertificateDNS exists, but we can't decode it.
Error -626 Creating SSL CertificateDNS

Resolution

Before changing the servers IP address, new firewall rules had not been setup to allow the new IP address to communicate out through the network.

Changing the firewall rules to the new IP address of the server resolved the issue.