Unable to get local issuer certificate

  • 7009448
  • 29-Sep-2011
  • 17-Feb-2015


Novell Access Management 3.1
Novell Access Management 3.1 Support Pack 3 .
Novell Access Manager 3.1 Linux Access Gateway Service


The Linux Access Gateway Service had secure communication between the proxy and the back-end webserver.
The Web Server Trusted Root setting was set to Any In Reverse Proxy Truststore.

The /var/log/novell-apache2/error_log showed the following error message:
Certificate Verification: Error (20): unable to get local issuer certificate

When checking the /opt/novell/apache2/cacerts directory it did not contain the required trusted root certificates in pem format.


The imported trusted root certificates where assigned to the incorrect trusted root store and for that reason while importing 
it will not create the needed pem files in the /opt/novell/apache2/cacerts directory.
The trusted root certificates should be imported into the Proxy Trust Store  of the device that has secure communication setup to a back-end webserver.

Once this was done the pem files where created.