Environment
Certificate Authority
Situation
Creation/regeneration of default server certificates fails with error -1222
Running "ndsconfig upgrade" after deleting and recreating the tree CA fails
Resolution
ldapsearch -x -H ldap:// -D cn=admin,o=novell -W -b cn=MyCA,cn=Security -s base -LLL ndspkiCRLConfigurationDNList
ndspkiCRLConfigurationDNList: cn=CRL_1 - Configuration,cn=CRL Container,cn=Security#0#
ndspkiCRLConfigurationDNList: cn=One - Configuration,cn=CRL Container,cn=Security#0#
Cause
Multiple CRL configuration object DNs are added to the CA's ndspkiCRLConfigurationDNList attribute.
Additional Information
Sample from pki-install.log
**********************************************************************
pkiInstall::CreateServerCertificate
**********************************************************************
Called NPKIGetServerInfo to turn ON Server File Trace for server: server1.novell
Calling NPKICreateDefaultCertificates
Calling NPKICreateDefaultCertificates error -1222
A default DNS Name was not specified.
NPKICreateDefaultCertificates with the IP address specified.
Calling NPKICreateDefaultCertificates error -1222
Resolving to the SSL CertificateDNS - servername.context Object.
The SSL CertificateDNS object for this server already exists.
Called NPKIGetServerInfo to turn OFF Server File Trace for server: server1.novell