Home

Results 1 to 7 of 7

Thread: setting up automatic certificate maintenance

  1. #1

    setting up automatic certificate maintenance

    Installed a couple of OES 11 servers into my tree (first OES servers
    of any type in this NW6.5 network). I moved the CA from one of the NW
    servers to one of the OES servers per Option 1 in this TID
    http://www.novell.com/support/kb/doc.php?id=3618399

    I wanted to setup Automatic Certificate Maintenance as shown here:
    http://www.novell.com/documentation/...ert-setup.html

    But I can't find the option to do it. The Novell Certificate Access >
    Configure Certificate Authority option does not exist. Configure
    Certificate Authority does exist under Novell Certificate Server, but
    I cannot find the Enable server self-provisioning option there.

    What am I missing?

    If it matters, NW servers report DS v10554.64 and OES servers report
    DS v 20606.01

    Thanks,
    Ken

  2. #2

    Re: setting up automatic certificate maintenance

    On Mon, 02 Jul 2012 23:32:39 GMT, KeN Etter
    <ketter@no-mx.forums.novell.com> wrote:

    >Installed a couple of OES 11 servers into my tree (first OES servers
    >of any type in this NW6.5 network). I moved the CA from one of the NW
    >servers to one of the OES servers per Option 1 in this TID
    >http://www.novell.com/support/kb/doc.php?id=3618399
    >
    >I wanted to setup Automatic Certificate Maintenance as shown here:
    >http://www.novell.com/documentation/...ert-setup.html
    >
    >But I can't find the option to do it. The Novell Certificate Access >
    >Configure Certificate Authority option does not exist. Configure
    >Certificate Authority does exist under Novell Certificate Server, but
    >I cannot find the Enable server self-provisioning option there.


    Had to click the Next button to find the option. Poorly written
    documentation. I left a comment for the doc writers.

  3. #3

    Re: setting up automatic certificate maintenance

    On Thu, 05 Jul 2012 13:56:01 GMT, magic31
    <magic31@no-mx.forums.novell.com> wrote:

    >Haven't done this before but your post (re)awakens my interest to look
    >at this feature (forgot it was introduced) ...
    >Thanks for feeding your findings back (here as well as in the doc
    >feedback)!


    You're welcome. I like this feature. I usually forget about my
    eDirectory certs until someething breaks. :-)

    Ken

  4. #4
    Join Date
    Feb 2008
    Posts
    221

    Re: setting up automatic certificate maintenance

    Hey Ken,

    I'm a bit confused. Not quite getting how you did this.

    When I go into iManager > Novell Certificate Server > Configure Certificate Authority it brings up the server that hosts the CA for the Tree. The is no option to select another server and there is no NEXT button.

    1) How did you do this?
    2) Am I assuming correctly you have to go to each server and set it up?

    Could you give us the exact steps you did?

    Thanks
    Hans



    >>> On 7/5/2012 at 11:03 AM, in message <rkebv7l1air7mhs53dhkb6kpk351mkg90f@4ax.com>, KeN Etter<ketter@no-mx.forums.novell.com> wrote:


    On Thu, 05 Jul 2012 13:56:01 GMT, magic31
    <magic31@no-mx.forums.novell.com> wrote:


    >Haven't done this before but your post (re)awakens my interest to look
    >at this feature (forgot it was introduced) ...
    >Thanks for feeding your findings back (here as well as in the doc
    >feedback)!


    You're welcome. I like this feature. I usually forget about my
    eDirectory certs until someething breaks. :-)

    Ken

  5. #5
    Join Date
    Feb 2008
    Posts
    221

    Re: setting up automatic certificate maintenance

    Another Question,

    Or do you just do this once for the whole tree.

    Thanks
    Hans



    >>> On 7/13/2012 at 10:04 AM, in message <4FFFF29E.ED44.00BD.1@no-mx.forums.novell.com>, Hans<HPfeil@no-mx.forums.novell.com> wrote:


    Hey Ken,

    I'm a bit confused. Not quite getting how you did this.

    When I go into iManager > Novell Certificate Server > Configure Certificate Authority it brings up the server that hosts the CA for the Tree. The is no option to select another server and there is no NEXT button.

    1) How did you do this?
    2) Am I assuming correctly you have to go to each server and set it up?

    Could you give us the exact steps you did?

    Thanks
    Hans



    >>> On 7/5/2012 at 11:03 AM, in message <rkebv7l1air7mhs53dhkb6kpk351mkg90f@4ax.com>, KeN Etter<ketter@no-mx.forums.novell.com> wrote:


    On Thu, 05 Jul 2012 13:56:01 GMT, magic31
    <magic31@no-mx.forums.novell.com> wrote:


    >Haven't done this before but your post (re)awakens my interest to look
    >at this feature (forgot it was introduced) ...
    >Thanks for feeding your findings back (here as well as in the doc
    >feedback)!


    You're welcome. I like this feature. I usually forget about my
    eDirectory certs until someething breaks. :-)

    Ken

  6. #6

    Re: setting up automatic certificate maintenance

    On Fri, 13 Jul 2012 15:04:10 GMT, Hans
    <HPfeil@no-mx.forums.novell.com> wrote:

    >Hey Ken,
    >
    >I'm a bit confused. Not quite getting how you did this.
    >
    >When I go into iManager > Novell Certificate Server > Configure Certificate Authority it brings up the server that hosts the CA for the Tree. The is no option to select another server and there is no NEXT button.
    >
    >1) How did you do this?
    >2) Am I assuming correctly you have to go to each server and set it up?
    >
    >Could you give us the exact steps you did?


    Hans,

    When I click on Configure Certificate Authority, I see Configure
    Organizational Certificate Authority Wizard and below that a list of
    CRL Distribution Points. I have four URLS listed under the CRL
    Distribution Points. Two start with http and two start with ldap -
    each by IP address and by server FQDN. At the bottom of the page is a
    Next button. I click that and I see X.509 Certificate Self
    Provisioning. I checked Enable server self-provisioning and Health
    Check.

    Regards,
    Ken

  7. #7

    Re: setting up automatic certificate maintenance

    On Fri, 13 Jul 2012 15:09:43 GMT, Hans
    <HPfeil@no-mx.forums.novell.com> wrote:

    >Another Question,
    >
    >Or do you just do this once for the whole tree.
    >
    >Thanks
    >Hans


    I was told that it is per server, but I haven't verified that yet. And
    I am not sure how to do it on each server yet. I need to dig a little
    bit and figure it out (unless someone on the forum with more knowledge
    of this jumps in with further info). But at the moment I am buried
    under some other projects and haven't had a chance to look into it
    further.

    Ken

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •