This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
How To Recover The Certificate Authority
How To Recover The Certificate Authority

Version management

Difference between version and

At line 1 added 20 lines
!!! Overview
A [How To] on Recover The [Certificate Authority] for an [EDirectory].
!! Symptoms
*The server which is the [Certificate Authority] server for the tree has crashed
*You want/need to move the [Certificate Authority] to a different server in the tree.
All certificates that are already in the NDS tree will continue to function normally until the certificate expires (the default is 2 years). They only require the CA server on creation. Every server in the NDS tree should also have the same NICISDI.KEY file installed which means that they can encrypt and decrypt NDS information such as user passwords.
!! CA server has crashed completely
If the server holding the CA server has crashed completely and needs to be reinstalled into the tree, then first a new security domain server needs to be designated for the tree.
This is stored as an attribute "NDSPKI:SD Key Server DN" of the object W0.KAP.SECURITY in the NDS tree. To designate a different server as the Security Domain, simply change this attribute in Console1 to the full distinguished name of another reliable server.
Next, install the Certificate Server on another server (this can be the same server as the Security Domain server, but does not have to be). This is done in as a product installation.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop