facutvivo
asked on
iManager 2.7 & Certificate Error
Just patched NW6.5 from SP6 to SP7. Have a Certificate Error when launching iManager. The error is "MISMATCHED ADDRESS - The security certificate presented by this website was issued for a different websites address." When I view the Certification Path it is teegw.engent.com which is correct, and the Certificate status is: This certificate is OK. How do I correct this error. I have run PKIDIAG 4,5,6 which didn't help.
Last Comment
The mis-match address error comes from how all the web /tomcat stuff starts up. Usually, two certificate object exist in eDirectory -- 'CertificateIP' and 'CertificateDNS'. One is generated using the server's IP address, the other using it's DNS name. When httpstk, Apache, et. al. load, one or the other of these certificates is specified on the command line. Along with PKIDIAG, there is another utility for Tomcat specific material. IIRC, it is called 'tckeygen'; this might the root of your problem.
Internet Explorer 7 always tells me the certificate of my NetWare server is invalid. I've tried importing it to IE, but no go. FireFox let me approve the cert once, now it accepts it always.
Internet Explorer 7 always tells me the certificate of my NetWare server is invalid. I've tried importing it to IE, but no go. FireFox let me approve the cert once, now it accepts it always.
ASKER
BudDurland,
I had problems patching to SP7 and had to remove the server from the tree then add it back. so I've got some new eDirectory issues here. The mis-match address isn't occuring. Here is the story:
I ran PKIDIAG, options 5 & 6, Rekey exisiting KMO and re-key KMO mode, which completed successfully:
FIXING: Creating SSL CertificateDNS (auburn.engent.com)
Step 1: Successfully created the key pair and CSR.
FIXED: Successfully stored certificates for SSL CertificateDNS.
Step 6 succeeded.
I ran TCKEYGEN and logger screen results were:
Exporting the Host certificate from:localhost
Trying to import Certificate 0 subjectDN=CN=auburn.engent
Trying to import Certificate 1 subjectDN=OU=Organizationa
java: Class com.novell.application.tom
PROBLEM is when I use FireFox 3.0 to connect to https://192.168.2.3:8009 here is result:
Secure Connection Failed
192.168.2.3:8009 uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is not trusted.
(Error code: sec_error_untrusted_issuer
* This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.
* If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.
Or you can add an exception&
When I add an exception I'm getting a Login Error! Username or Password invalid.
I'm thinking of reinstalling SP7. Any suggestions are greatly appreciated.
I had problems patching to SP7 and had to remove the server from the tree then add it back. so I've got some new eDirectory issues here. The mis-match address isn't occuring. Here is the story:
I ran PKIDIAG, options 5 & 6, Rekey exisiting KMO and re-key KMO mode, which completed successfully:
FIXING: Creating SSL CertificateDNS (auburn.engent.com)
Step 1: Successfully created the key pair and CSR.
FIXED: Successfully stored certificates for SSL CertificateDNS.
Step 6 succeeded.
I ran TCKEYGEN and logger screen results were:
Exporting the Host certificate from:localhost
Trying to import Certificate 0 subjectDN=CN=auburn.engent
Trying to import Certificate 1 subjectDN=OU=Organizationa
java: Class com.novell.application.tom
PROBLEM is when I use FireFox 3.0 to connect to https://192.168.2.3:8009 here is result:
Secure Connection Failed
192.168.2.3:8009 uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is not trusted.
(Error code: sec_error_untrusted_issuer
* This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.
* If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.
Or you can add an exception&
When I add an exception I'm getting a Login Error! Username or Password invalid.
I'm thinking of reinstalling SP7. Any suggestions are greatly appreciated.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Novell Netware
NetWare is a computer network operating system developed by Novell, Inc. It initially used cooperative multitasking to run various services on a personal computer, using the Internetwork Packet Exchange (IPX) network protocol. It is hardware-independent, running on any suitable Intel-based PC compatible system, and a wide range of network cards. Products inclue NetWare Directory Services (NDS), a global directory service similar to Microsoft's Active Directory; GroupWise, an email system; ZENworks, an application configuration suite; and BorderManager, a security product. Open Enterprise Server, the current iteration, runs on a SUSE Linux Enterprise Server.
7K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER
These certificate errors are the bane of my existence. Could it be caused by the fact that our Tree and Organization are both named ENTERPRISE? This occured long before I arrived as network admin.
who knows?