We use Identity Manager for password Synchronization. There is a driver
from Identity Vault to eDirectory on Netware. The KMO(IDV2eDir)
contains 2 types of certifciate expiration dates:

1. Trusted Root Certificate - Valid for next 8 years.
2. Public Key Certificate - which expired 2 days ago

The same dates are seen on the other side i.e. KMO(eDir2IDV).

We were thinking only the Trusted Root Certificate was controlling the
Synchronization. But today the synchronization stopped working and the
driver logs were showing: SSLHandshake failed - certificate expired.

1. Which certificate should I worry about for the driver
synchronization? Trusted Root or PKC?

2. We also noticed that eDirectory(Identity Vault) went down this
morning. Will the certificate expiration bring down eDirectory?(because
the TAO file could not process lot of requests and it bombed out??)

arbask's Profile: http://forums.novell.com/member.php?userid=17567
View this thread: http://forums.novell.com/showthread.php?t=416163