GMS system 10 years or older won't start

  • 7024837
  • 23-Sep-2020
  • 23-Sep-2020


GroupWise Mobility Service 18


GMS won't start.  The following error is seen in the /var/log/datasync/syncengine/engine.log file:

rtype: <urlopen error [SSL: SSLV3_ALERT_CERTIFICATE_EXPIRED] sslv3 alert certificate expired (_ssl.c:661)>

The /var/log/datasync/install.log indicates that the GMS system was originally installed 10 years ago.


The internal pem files used for all internal GMS components are based on the selfsigned CA created during the initial installation and is valid for 10 years.

This CA is in /var/lib/datasync/common/CA/trustedroot.pem

All other parts of GMS using pem files are based on this CA and are stored in


When after 10 years these certificates expire this means GMS will not start anymore and the self signed CA needs to be recreated, after this the certificates based on this also need to be recreated.

Scripts are provided for this in /opt/novell/datasync/common/bin/ssl/

The order you run this in is

When done GMS starts again, the self signed CA and all certificates are renewed for another 10 years.


The internal CA and associated certificates have expired