New Access Manager Console with a restored backup reports NICI error -1418 while creating default certificates

  • 7024301
  • 29-Nov-2019
  • 02-Dec-2019

Environment

  • Access Manager 4.5
  • Access Manager 4.5.1

Situation

  • fresh installed Primary Access Manager Console server on Linux
  • backup has been restored without any returned error message running the "/opt/opt(devman/bin/amrestore.sh" script
  • restored Access Manager Console is up and running without any further problems
  • using ether "ndsconfig upgrade -j " or using the iManager Certificate Server snapin to recreate default certificate ends up with a "-1418" while trying to create EC Certificates

Resolution

  • This issue has bee reported to engineering

  • Use iManager to access your CA


  • review the Certificate Server object name (usually Treename CA)  and take a note

  • export your "Self Signed Certificate RSA" by using iManager into PKCS'12
  • rename the exported "cert.pfx" to "cacert-rsa.pfx"
  • delete the CA Object object
  • create a new CA using default settings and the CA object name as used before
  • export only the new "Self Signed Certificate ECDSA" by using iManager into a PKCS#12
  • rename the exported "cert.pfx" to "cacert-ecdsa.pfx"
  • delete the newly created Certificate Authority Object again
  • create again a new CA using the import feature and select the exported PKCS'12 files to restore the RSA and ECC CA

  • re-assign the Certificate Revocation list container objects for the RSA / ECDSA CA. Use the iManager Directory Administration => Modify Object Task as below