Posts Tagged ‘Certificate’

Replacing NDS 2 NDS Certificates in Novells IDM

September 22, 2009

Had an issue today day where synchronisation was not occurring between our master directory and the student NDS tree.  The first thing I tried was to restart the IDM driver, but this didn’t seem to have any effect.  So I opened a remote console into the server running the driver in the student NDS tree and loaded DSTRACE, the switches I used were:

dstrace on screen on file off

dstrace -all +dxml +dvrs

When I then switched to the DSTRACE console I was greeted with the following error message


The error message itself was pretty self explainable, the SSL certificate had expired and was preventing  the driver from communicating.  To double check this in console one, I located the KMO object for the driver certificate. When i went into the properties for the public key certificate on the certificates tab, yes indeed the certificate had expired 4 days ago.


So how do the replace the SSL certificate, thankfully there isn’t much involved this you just use the NDS 2 NDS Certificate Wizard within IDM to recreate the certificate, exactly the same way you did initially when creating the driver.


Renewing a self-signed certicate in Exchange 2007

September 16, 2009

While I was looking in the event logs of one of my Exchange 2007 Hub Transport Servers this morning I noticed the following warning message:


This is because Exchange 2007 issues a self-signed certificate for use with services like SMTP,IMAP,POP,IIS and UM and these certificates have validity period of 1 year.

To renew the certificate, open the Exchange Management Shell on the server in question and run the following powershell command:

Get-ExchangeCertificate -domain “fqdn of server”  | fl

Copy the thumbprint of the certificate which is displayed and then to renew the certificate run

Get-ExchangeCertificate -thumbprint “thumbprint” | New-ExchangeCertificate

When prompted enter y to continue, the new certificate is then generated and enabled.