We are running IDM 3.6.1 and trying to connect a new AD driver to a
remote loader. We created a new cert called remotecertQ03 as described
in the documentation. We exported that cert's public key and placed it
on the DC where the remote loader was installed and updated the remote
loader config to use the B64 formatted file. We added the
kmo='remotecertQ03' parameter to the driver config. Once the driver was
started the remote loader started throwing the following error:

DirXML Log Event -------------------
Thread = Subscriber Channel
Level = error
Message = SSL protocol failure: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

and in the driver log I see the following error:

DirXML Log Event -------------------
Channel: Publisher
Status: Error
Message: java.io.IOException: SSL handshake failed,
SSL_ERROR_ZERO_RETURN, error:14094412:SSL routines:SSL3_READ_BYTES:sslv3
alert bad certificate

We have checked the cert file and it looks fine. We have exported the
cert again from iManager and re-applied it to the remote loader machine
to no avail. When searching for these errors and possible solutions I
am not finding much that is applicable. I'm at a loss as to what this
means and how to fix it.

Any help would be appreciated.

gdrtx's Profile: https://forums.netiq.com/member.php?userid=1660
View this thread: https://forums.netiq.com/showthread.php?t=50841