Identity Manager DxCMD error "Could not parse certificate"

  • 7016110
  • 28-Jan-2015
  • 28-Jan-2015

Environment


NetIQ Identity Manager Engine Other
NetIQ Identity Manager Driver - LDAP
NetIQ Identity Manager Engine Style-sheets

Situation

During startup, the driver will try to set a password on the OnBoarding job for the Permission Collection and Reconciliation Service, and after Identity Manager 4.0.2 Engine and Remote Loader Patch 7 the following can be seen in the driver log when the driver is starting:

 : LDAP Driver PT:      Action: do-set-local-variable("setNamedPwd",scope="policy",arg-object(token-xpath("jcmd:commandLine(string($SETPWDCMD))"))).
 : LDAP Driver PT:        arg-object(token-xpath("jcmd:commandLine(string($SETPWDCMD))"))
 : LDAP Driver PT:          token-xpath("jcmd:commandLine(string($SETPWDCMD))")
 : DirXML Command Line Utility
 : version 4.0.2.7
 : Copyright (C) 2003-2011 Novell Inc., All Rights Reserved
 : java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Illegal footer: -----END CERTIFICATE-----
 :     at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
 :     at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
 :     at com.novell.nds.dirxml.util.DxCommand.initServerCert(DxCommand.java:1420)
 :     at com.novell.nds.dirxml.util.DxCommand.encryptPassword(DxCommand.java:1455)
 :     at com.novell.nds.dirxml.util.DxCommand.setNamedPassword(DxCommand.java:1714)
 :     at com.novell.nds.dirxml.util.DxCommand.access$9900(DxCommand.java:55)
 :     at com.novell.nds.dirxml.util.DxCommand$ArgSetNamedPwdHandler.handleArg(DxCommand.java:4028)

Resolution

This is a cosmetic error, the password is being set on the Onboarding Job configuration.


Additional Information

It is possible to use DxCMD to check that the password has been set:

dxcmd
-> 7: Job operations...
-> 2: Operations on a specific job object...
-> Select the PermissionOnbording.<driver>.<driverset> job
-> 6: Passwords operations
-> 3: List named passwords
if 'ua-password' is listed, then the password have been set.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.