Novell Certificate Server


Novell Certificate Server Dependencies

The Certificate Server ConsoleOneTM snap-in has the following dependencies:

If any of the above dependencies are not met, Certificate Server functionality will not be available and you will get one or both of the following error messages:

NICI 2.0.2 or later is not installed on this client. The Certificate Server snap-in will not function until NICI is installed.

The dynamic link library ccsw32.dll could not be found in the specified path.

These error messages will occur only once on the first object access.

You will typically not have LDAP SDK in your ConsoleOne distribution if you obtained ConsoleOne directly from the Novell Web site. You should use the version of ConsoleOne provided with NetWare 6. The ConsoleOne shell is located on the Client CD at \CONSOLEONE\C1.EXE and the snap-ins are located on the Client CD at \CONSOLEONE\NW6SNAPINS.EXE. ConsoleOne and snap-ins are also available on an installed NetWare 6 server at SYS:\PUBLIC\MGMT\CONSOLEONE\1.2\BIN\CONSOLEONE.EXE.

NICI 2.0.2 for Windows is available on the Client CD at \NICI\WCNICIU0.EXE or from the Novell Free Download Site.


Browser Support

You must use the Internet Explorer 5 or later or the Netscape Navigator 4 or later browser to use the certificates generated by Novell Certificate Server for SSL or LDAP connections. Older browsers are not supported.


Removing a Server from NDS

When removing a server from NDS® and then reinstalling it into the same context with the same name, a successful reinstallation occurs only if the SAS Service object representing the removed server is also deleted, if it exists.

For example, for a server named MYSERVER, there could exist a SAS object named SAS Service-MYSERVER located in the same container as the server. This SAS object must be manually deleted (using ConsoleOne) after the server is removed from the tree, but before the server is reinstalled into the tree.

IMPORTANT:  If the server is the Organizational CA or the SD Key server, you must complete some additional steps. These steps are documented in TID 10056795 (entitled "Certificate Server Issues: Removing a Server from a Tree"). You can search for this TID in the Novell Knowledgebase located at.


Verisign Certificates and Creating a Server Certificate (KMO)

If you use Verisign as the external Certificate Authority (CA) during the creation of a Server Certificate (KMO), you no longer need to obtain Verisign's trusted root to paste into the Trusted Root field. You can now select the option No Trusted Root Available, click Next, and then paste in the certificate you received from Verisign.

When the certificate is installed, the server determines if the certificate you pasted chains to a Verisign embedded root. If it does, the certificate and the trusted root are added to the Server Certificate object in NDS.



Previous | Next