Results 1 to 6 of 6

Thread: Importing a Third-Party Certificate into eDir- invalid CRL

Threaded View

  1. #1
    esilva is offline Micro Focus Employee - Ultra Contributor
    Join Date
    Dec 2014

    Importing a Third-Party Certificate into eDir- invalid CRL


    I have 3rd party certificate that I want to import into eDirectory 9.0.4.

    The CA who signed the CSR sent the following files:

    a. signedcertificate.cer
    b. intermediateCA.cer
    c. rootCA.cer

    The CSR was NOT created using eDirectory. It was generated using openssl on a SLES12 SP2 server:

    Original CSR file = request.csr
    PrivateKey file = private.key

    I generate .pfx certificate for import into eDirectory using iManager

    When I valid the certificate with iManager >> Roles and task >> Security >> NetIQ Certificate Access >> Server Certificates, I received the following response: Invalid: Unable to read CRL

    Click image for larger version. 

Name:	2-CRL.PNG 
Views:	14 
Size:	16.6 KB 
ID:	6164

    CRL is:

    [1]Punto de distribución CRL
    Nombre del punto de distribución:
    Nombre completo:
    Dirección URL=ldap:///CN=PKI2BancoAVvillas,CN=Acagua,CN=CDP,CN=Public%20 Key%20Services,CN=Services,CN=Configuration,DC=org anizacion,DC=net?certificateRevocationList?base?ob jectClass=cRLDistributionPoint
    Dirección URL=file:////Acagua.BancoAVvillas.net/CertEnroll/PKI2BancoAVvillas.crl
    Dirección URL=http://extranet.com.co/terceros/PKI2BancoAVvillas.crl
    Dirección URL=http://Acagua.BancoAVvillas.net/CertEnroll/PKI2BancoAVvillas.crl

    How I can resolve this?

    Last edited by esilva; 04-Dec-2018 at 01:50 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts