If you get to the point where Imanager has a bad certificate you can use this to at least get it back working.
Edit the file /var/opt/novell/tomcat4/webapps/nps/WEB-INF/PortalServlet.properties file in a text editor. Change the line near the top from
(replacing the 10.44.82.14 with the current server's IP address)
and change the line near the bottom that reads
This will allow us to run the iManager config again without getting the login failed errors that you might see if the CA has been hosed. I know it's insecure, but we can change that later when things are running normally and besides, we're using tomcat to talk to eDir on the same server, not across the network.
Next, browse to
Choose the usual options (including the standard pco object) and use the admin's password to configure...have a break, this will take a minute or two.