Import new Certificate for Portal Services, iManager and NetWare 6 WebAccess

  • 7015406
  • 22-Jul-2014
  • 22-Jul-2014


Novell NetWare 6
Novell NetWare 5.1
Novell Portal Services 1.0
Novell Portal Services 1.01
Novell Portal Services 1.5
Novell iManager 1.5.2


Cannot login into WebAccess Error: "Error: 500"
LDAP Communication between Novell Portal Services and the LDAP server is in cleartext.
iManager returns error: "Unable to get LDAP context Exception: <IP Address of LDAP server>:<SSL port of LDAP server>"
Import new Certificate for Portal Services, iManager and NetWare 6 WebAccess


To (re)import a Certificate into the Java Certificate Store the following is required:
  • JDK/SDK 1.3.x or newer on a Workstation
  • ConsoleOne 1.2d or newer with PKI snap-in's
  • NICI 1.5.7 or later on the workstation (depending on the ConsoleOne PKI snap-in)
  1. Make a backup of SYS:\JAVA\LIB\SECURITY\CACERTS
  2. Copy SYS:\JAVA\LIB\SECURITY\CACERTS to a WorkingDirectory on the Workstation
  3. Install JDK on the Workstation
  4. Add C:\JDK-<version> to the path on the WorkStation
  5. Use ConsoleOne to export the PublicKey of the "SSL CertificateDNS" (or any other Certificate with is used with the LDAP Group) in binary DER format and name it CA.DER.
    Copy this file to the WorkingDirectory on the WorkStation.
  6. Use KeyTool to import the certificate into CACERTS: 
    1.  keytool -import -file ca.der -keystore cacerts <enter>
    2. password: changeit <enter>
    3. Trust this certificate? [no]: yes <enter>
  7. Make sure that CACERTS was modified.
  8. Copy CACERTS back to the server (SYS:\JAVA\LIB\SECURITY\)
  9. Unload Java on the server: java -exit
  10. Make sure that has the right settings:
    - System.DirectoryAddress=<server tcp/ip address>:636
    - System.DirectorySSL=true
    On NetWare 5.1 with Novell Portal Services this file is in: SYS:\TOMCAT\WEBAPPS\NPS\WEB-INF\
    On NetWare 6.0 with WebAccess this file is in SYS:\WEBAPPS\WEBACCESS\WEB-INF\
  11. Start Tomcat: tomcat33.ncf


Additional Information

Problem could be that the Certificate got broken during installation.
SSL was not setup during installation.
Novell NetWare 6 error trying to login to WebAccess:

Cannot login into WebAccess, error: "Error: 500"
Error: 500
Location: /webaccess/servlet/portal
Internal Servlet Error:

javax.servlet.ServletException: The portal is unable to login: authenticate: [cn=WebAccess_pco,ou=WebAccess,ou=Services,o=Lab] ::
        at com.novell.nps.configManager.ConfigManager.init(, Compiled Code)
        at com.novell.nps.PortalServlet.init(
        at org.apache.tomcat.facade.ServletHandler.doInit(
        at org.apache.tomcat.facade.ServletHandler.init(, Compiled Code)
        at org.apache.tomcat.facade.ServletHandler.service(
        at org.apache.tomcat.core.ContextManager.internalService(, Compiled Code)
        at org.apache.tomcat.core.ContextManager.service(, Compiled Code)
        at org.apache.tomcat.modules.server.Ajp13Interceptor.processConnection(, Compiled Code)
        at, Compiled Code)
        at org.apache.tomcat.util.threads.ThreadPool$, Compiled Code)
        at Source) 

Formerly known as TID# 10071664

Change Log

22 Jul 14 - Peter Sumsion - Imported from KB 10071664, updated Netware to NetWare