Access Manager Console error Exception occurred processing MetadataRepositories_TableView.jsp tying to configure Metadata Repositories

  • 7024491
  • 20-Mar-2020
  • 20-Mar-2020


  • Access Manager 4.5
  • Access Manager 4.5.1


  • Access Manager Appliance 4.5.1

  • iManager reports the error: "Exception occurred processing MetadataRepositories_TableView.jsp tying to configure Metadata Repositories"

  • The "/var/opt/novell/nam/logs/adminconsole/tomcat/catalina.out" lists the following error:
    Creating secure SSL LDAP context failed:  simple bind failed:

  • After enabling SSL debug logging:
    %% Invalidated:  [Session-90, TLS_RSA_WITH_AES_256_CBC_SHA256]
    https-jsse-nio-8443-exec-4, SEND TLSv1.2 ALERT:  fatal, description = certificate_unknown
    https-jsse-nio-8443-exec-4, WRITE: TLSv1.2 Alert, length = 2
    https-jsse-nio-8443-exec-4, called closeSocket()
    https-jsse-nio-8443-exec-4, handling exception: sun.securit
    y.validator.ValidatorException: PKIX path building failed:
    tPathBuilderException: unable to find valid certification path to requested target
    com.novell.nidp.admin.model.NidsAdminException: Crea
    ting secure SSL LDAP context failed:
    simple bind failed:


  • use iManager to export the ConfigCA Root Certificate
    Dashboard => Certificates => Trusted Roots => configCA => Export Public Certificate => DER File => Save File

  • copy the exported "configCA_exportedCert.der"  file over to your Admin Console server

  • import the exported Trusted Root Certificate: "/opt/netiq/common/jre/bin/keytool -import -alias ConfigCA -file configCA_exportedCert.der -keystore /opt/netiq/common/jre/lib/security/cacerts". The Password for the keystore is "changeit".

  • restart the Admin Console: "/etc/init.d/novell-ac restart"


  • The LDAP server Certificate validation failed due to the fact that the Trust Chain / Root Certificate is missing in the Trusted Root Certificate store.

Additional Information

List of files use for the Admin Console server:
  • Trusted Root Certificate Store: "/opt/netiq/common/jre/lib/security/cacerts"
  • Tomcat Configuration: "/opt/novell/nam/adminconsole/conf/tomcat8.conf"
  • Tomcat Connector Configuration: "/var/opt/novell/nam/logs/adminconsole/tomcat/catalina.out"

  • Enable SSL debug logging for Tomcat

    • add the "JAVA_OPTS="${JAVA_OPTS}" options to  "/opt/novell/nam/adminconsole/conf/tomcat8.conf"