Error -340 after enabling Encrypted Replication

  • 7025103
  • 17-May-2021
  • 17-May-2021

Environment

eDirectory 8.8 SP8
eDirectory 9.x

Situation

A mixed ring of 9.x and 8.8.x servers throws error -340 when ER is enabled.

Steps performed before encountering the error:
- Install 888 first
- Upgrading it to 9.x
- Add a second 9.x server then a third 888 server to the tree.
- Enable ER on the upgraded server then the other two and the error is thrown from the upgraded server.

Resolution

eDirectory's Certificate Server cache directory is empty.  It can be found at:
/var/opt/novell/eDirectory/data/dib/certserv/kmocache

First ensured the default DNS SSL certificate existed.  Then created a new server certificate.  Once NDSD was restarted the certificate cache was properly populated.