Environment
Novell Access Management 3.1 Support Pack 3 .
Novell Access Manager 3.1 Linux Access Gateway Service
Situation
The Linux Access Gateway Service had secure communication between the proxy and the back-end webserver.
The Web Server Trusted Root setting was set to Any In Reverse Proxy Truststore.
The /var/log/novell-apache2/error_log showed the following error message:
Certificate Verification: Error (20): unable to get local issuer certificate
When checking the /opt/novell/apache2/cacerts directory it did not contain the required trusted root certificates in pem format.
Resolution
The imported trusted root certificates where assigned to the incorrect trusted root store and for that reason while importing
it will not create the needed pem files in the /opt/novell/apache2/cacerts directory.
The trusted root certificates should be imported into the Proxy Trust Store of the device that has secure communication setup to a back-end webserver.
Once this was done the pem files where created.