Hello
Yesterday I upgraded my lab environment (before doing it IRL at clients).

I noticed I'm not getting any events from my eDirectory/IDM/NMAS
collectors since then.

I'm not sure why this is happening.
Do I need to restart lcache/eDir when upgrading Sentinel?

Checking the /var/opt/novell/naudit/nproduct.log on the IDM server I see
this:

************************************************** *************************
Fri Nov 29 17:29:08 2013 [Novell Audit Platform Agent]: LCache could not
process event for the application Modular Authentication Service.
Reconnecting LCache Again.
Fri Nov 29 17:29:08 2013 [Novell Audit Platform Agent]: LCache could not
process event for the application Modular Authentication Service.
Reconnecting LCache Again.
Fri Nov 29 17:29:08 2013 [Novell Audit Platform Agent]: ACK Failure for nmas
Fri Nov 29 17:29:08 2013 [Novell Audit Platform Agent]: Attempting to
re-establish connection to secure log server for application Modular
Authentication Service.
Fri Nov 29 17:29:08 2013 [Novell Audit Platform Agent]: Server reports
logging protocol version: 4
Fri Nov 29 17:29:08 2013 [Novell Audit Platform Agent]: Failed SSL Handshake
Fri Nov 29 17:29:08 2013 [Novell Audit Platform Agent]: Authentication
Failure
Fri Nov 29 17:30:12 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:30:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:30:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:30:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:30:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:30:45 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:30:50 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:30:52 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:32:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:32:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:32:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:32:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:33:12 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:33:45 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:33:50 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:33:52 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:34:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:34:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:34:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:34:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:36:12 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:36:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:36:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:36:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:36:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:36:45 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:36:50 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:36:52 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: LCache could not
process event for the application eDirInst. Reconnecting LCache Again.
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: LCache could not
process event for the application eDirInst. Reconnecting LCache Again.
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: ACK Failure for
LDAPEvents
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: Attempting to
re-establish connection to secure log server for application eDirInst.
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: Server reports
logging protocol version: 4
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: LCache could not
process event for the application Modular Authentication Service.
Reconnecting LCache Again.
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: LCache could not
process event for the application Modular Authentication Service.
Reconnecting LCache Again.
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: ACK Failure for nmas
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: Attempting to
re-establish connection to secure log server for application Modular
Authentication Service.
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: Failed SSL Handshake
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: Authentication
Failure
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: Server reports
logging protocol version: 4
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: Failed SSL Handshake
Fri Nov 29 17:37:12 2013 [Novell Audit Platform Agent]: Authentication
Failure
Fri Nov 29 17:38:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:38:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:38:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:38:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:39:12 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:39:45 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:39:50 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:39:52 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:40:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:40:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:40:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:40:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:42:12 2013 [jlcache]: SocketTimeoutException with client:
DirXML^M
Fri Nov 29 17:42:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:42:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
Fri Nov 29 17:42:17 2013 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (4)^M
Fri Nov 29 17:42:17 2013 [jlcache/MonitorCache]: Exception while
preparing to send data to server: Received fatal alert:
certificate_unknown^M
************************************************** *********************

If I check the server0.0.log on the Sentinel server I see this:

************************************************** *********************
Fri Nov 29 17:38:18 CET
2013|SEVERE|Thread-326473|esecurity.ccs.comp.evtsrcmgt.connector.audi tserver.DeviceSensorAuditListener$LEngine.sendClie nt
; Exception java.security.cert.CertificateException:
Certificates does not conform to algorithm constraints;
javax.net.ssl.SSLHandshakeException; ; Caused by Certificates does not
conform to algorithm constraints; java.security.cert.CertificateException;
Fri Nov 29 17:38:18 CET
2013|SEVERE|Thread-326473|esecurity.ccs.comp.evtsrcmgt.connector.audi tserver.DeviceSensorAuditListener$LEngine.sendClie nt
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: Certificates does not conform
to algorithm constraints
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at
sun.security.ssl.ServerHandshaker.clientCertificat e(Unknown Source)
at
sun.security.ssl.ServerHandshaker.processMessage(U nknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown
Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at
sun.security.ssl.SSLSocketImpl.performInitialHands hake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown
Source)
at sun.security.ssl.AppOutputStream.write(Unknown Source)
at sun.security.ssl.AppOutputStream.write(Unknown Source)
at java.io.DataOutputStream.write(Unknown Source)
at
esecurity.ccs.comp.evtsrcmgt.connector.auditserver .DeviceSensorAuditListener$LEngine.sendClient(Devi ceSensorAuditListener.java:949)
at
esecurity.ccs.comp.evtsrcmgt.connector.auditserver .DeviceSensorAuditListener$LEngine.handle_LE_CMD_S TARTTLS(DeviceSensorAuditListener.java:666)
at
esecurity.ccs.comp.evtsrcmgt.connector.auditserver .DeviceSensorAuditListener$LEngine.performHandShak e(DeviceSensorAuditListener.java:607)
at
esecurity.ccs.comp.evtsrcmgt.connector.auditserver .DeviceSensorAuditListener$LEngine.run(DeviceSenso rAuditListener.java:462)
Caused by: java.security.cert.CertificateException: Certificates
does not conform to algorithm constraints
at
sun.security.ssl.AbstractTrustManagerWrapper.check AlgorithmConstraints(Unknown
Source)
at
sun.security.ssl.AbstractTrustManagerWrapper.check AdditionalTrust(Unknown Source)
at
sun.security.ssl.AbstractTrustManagerWrapper.check ClientTrusted(Unknown
Source)
... 14 more
************************************************** ***************************