No I am not looking for a TID on how to generate a CSR in iManager or ConsoleOne, nor do I need to know how to sign a CSR. Spent over an hour telling Novell support that, finally cancelled the SR after waiting over 15 min for a response..

Reason - got a linux guy (only likes ubuntu) that is trying to setup a radius server for a client. Needs to LDAP query eDir for user names/passwords.
Have helped set this up in SLES or open SuSE prior with good success.
He sent me a CSR that I signed and gave him a base64 file (asked if that is the format he needed, no answer).
Here is what he sent me:
--------------------
When I try to connect to 10.25.10.6 radius is not able to setup a connection.
Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on proxy address * port 1814 Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 43399, id=217, length=56
User-Name = "root"
User-Password = "hughes"
NAS-IP-Address = 127.0.1.1
NAS-Port = 10
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "root", looking up realm NULL [suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[ldap] performing user authorization for root [ldap] expand: %{Stripped-User-Name} -> [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> root [ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=root) [ldap] expand: o=isd_199 -> o=isd_199
[ldap] ldap_get_conn: Checking Id: 0
[ldap] ldap_get_conn: Got Id: 0
[ldap] attempting LDAP reconnection
[ldap] (re)connect to 10.25.10.6:389, authentication 0
[ldap] setting TLS Cert File to /etc/ssl/radius/radserver5000.crt
[ldap] starting TLS
[ldap] ldap_start_tls_s()
[ldap] could not start TLS Connect error
[ldap] (re)connection attempt failed
[ldap] search failed
[ldap] ldap_release_conn: Release Id: 0
++[ldap] returns fail
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> root
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 217 to 127.0.0.1 port 43399 Waking up in 4.9 seconds.
Cleaning up request 0 ID 217 with timestamp +3 Ready to process requests.
------------------------------------------
He is having issues getting LDAPs working with the cert. I can browse all day long with a LDAP browser using LDAPs.

I saw a TID the other day that highlighted what pieces were needed for a 3rd party OS to generate a CSR that I could sign with the eDir CA. OF course I did not need all of that on that day so I did not write down the TID number, grrr.
Now I cannot find the magic words to search on and find the TID.

any help MUCH appreciated!!!

WO