Hi all,

I encountered some problems with CRL during I was upgrading from
IDM3.6.1 (eDir 8.8 SP6) to IDM4.0.2 (eDir 8.8 SP8) and I'm wondering if
anyone knows what I should do with the CRL and CA.


Windows Server 2008.
eDir 886.

Slave (replicating)
Windows Server 2012
eDir 888.

Their IPs and hostnames are not the same.

After setting up the above config, the Slave has replicated the CRL so I
went ahead and decommissioned the Master but first demoting it to
Read/Write and promoting all the replicas of the slave to Master. Then I
deleted all the IDM3.6.1 objects from the tree.

After that, I could not access my CRL anymore, nor could I validate any
server certs. I couldn't delete or create CRL either. I could fix it by
deleting the Tree CA manually and then recreating it.

Is there any proper steps to make sure the CRL works after

I saw this TID https://www.netiq.com/support/kb/doc.php?id=3618399 . Am
I suppose to do this before decommissioning? Would doing this help even
though the IP addresses are different?

Thanks a lot.

wenqinlee's Profile: https://forums.netiq.com/member.php?userid=8700
View this thread: https://forums.netiq.com/showthread.php?t=53653