After applying sp7 to a 65sp6 server PKI.NLM is abending the server. I havenít seen anything in the forums on PKI not loading. Iím not versed in certificates, so this is new to me. Do I have a corrupted certificate that is not allowing PKI.NLM to load? Can/should I recreate certificates when PKI will not load? I need a starting point and a walk through. Thank you

-----------------------------------------------------------
Loading module PKI.NLM
Novell Certificate Server
Version 3.30 August 15, 2007
Copyright 1997-2007 Novell, Inc. All rights reserved.
SERVER-5.70-1553: Module initialization failed.
Module PKI.NLM NOT loaded
Module PKI.NLM load status INIT FAIL
-----------------------------------------------------------

Also tried PKIDIAG.NLM that reveiled some problems.

-----------------------------------------------------------
PKIDiag 2.78 -- (compiled Jul 18 2005 17:19:11).
(Check the end of the log for the last repair results)
Current Time: Tue Apr 8 19:28:19 2008
User logged-in as: admin.epi.
Fixing mode
Rekey mode
Always Re-key

--> Server Name = 'name'
---------------------------------------------------------------------------

Step 1 Verifying the Server's link to the SAS Service Object.
Server 'NAME.XXX' points to SAS Service object 'SAS Service - NAME.XXX'
Step 1 succeeded.

Step 2 Verifying the SAS Service Object
SAS Service object 'SAS Service - NAME.XXX' is backlinked to server 'NAME.XXX'.
Step 2 succeeded.

Step 3 Verifying the links to the KMOs
Reading the links for SAS Service object 'SAS Service - NAME.XXX'.
--->KMO IP AG 10\.240\.20\.4 - NAME.XXX is linked.
--->KMO DNS AG NAME - NAME.XXX is linked.
--->KMO SSL CertificateIP - NAME.XXX is linked.
--->KMO SSL CertificateDNS - NAME.XXX is linked.
Step 3 succeeded.

Step 4 Verifying the KMOs
---> Testing KMO 'DNS AG name2\.domain\.com - NAME2.XXX'.
Rights check -- OK.
Back link -- Belongs to a different server -- Ignoring this KMO.

---> Testing KMO 'IP AG 10\.240\.20\.2 - NAME2.XXX'.
Rights check -- OK.
Back link -- Belongs to a different server -- Ignoring this KMO.

---> Testing KMO 'SSL CertificateDNS - NAME2.XXX'.
Rights check -- OK.
Back link -- Belongs to a different server -- Ignoring this KMO.

---> Testing KMO 'SSL CertificateIP - NAME2.XXX'.
Rights check -- OK.
Back link -- Belongs to a different server -- Ignoring this KMO.

---> Testing KMO 'SSL CertificateDNS - NAME.XXX'.
Rights check -- OK.
Back link -- OK.
Private Key -- OK.

---> Testing KMO 'SSL CertificateIP - NAME.XXX'.
Rights check -- OK.
Back link -- OK.
Private Key -- OK.

---> Testing KMO 'DNS AG NAME - NAME.XXX'.
Rights check -- OK.
Back link -- OK.
Private Key -- OK.

---> Testing KMO 'IP AG 10\.240\.20\.4 - NAME.XXX'.
Rights check -- OK.
Back link -- OK.
Private Key -- OK.
Step 4 succeeded.

Step 5 Re-verifying the links to the KMOs
Reading the links for SAS Service object 'SAS Service - NAME.XXX'.
KMO 'IP AG 10\.240\.20\.4 - NAME.XXX' is linked.
KMO 'DNS AG EPI-MAIN - NAME.XXX' is linked.
KMO 'SSL CertificateIP - NAME.XXX' is linked.
KMO 'SSL CertificateDNS - NAME.XXX' is linked.
Step 5 succeeded.

Step 6 Creating IP and DNS Certificates if necessary.
WARNING: We are not able to determine the IP address of this Server.

This is probably due to either a winsock defect or a IP/DNS misconfiguration.
There are known defects with winsock support.
Please update to the latest service pack.

--> Setting the default IP address to 10.240.20.4.
PROBLEM: A SSL CertificateIP does not exist
Step 6 failed 35323.


Note: Occasionally multiple problems will be solved with a single fix.

Fixable problems found: 1
Problems fixed: 0
Un-fixable problems found: 0