Bob,
Does your b64 certificate have spaces in its name? If so, you need to
ensure your kmo= statement is enclosed in single quotes.

I have had trouble with SSL in the past. Creating a new certificate
generally fixes it.


> Hello All,
>
> I have been trying to get SSL working on my IDM connection.
> eDirectory - Identity Vault
> AD - remote loader
>
> Dstrace from Netware Server - <status level="error" type="remoteloader">
> java.io.IOException: Unable to read certificate, error:2612D194:KMO
> support routines:SSL_CTX_use_KMO:reason(404), error:2612D198:KMO support
> routines:SSL_CTX_use_KMO:reason(408)</status>
>
> Message: Code(-9006) The driver returned a "retry" status indicating
> that the operation should be retried later. Detail from driver: No
> connection to remote loader
>
>
> Trace file from Windows 2003
>
> DirXML: [06/05/06 09:40:10.03]: Loader: Verifying command port...
> DirXML: [06/05/06 09:40:11.01]: Loader: Verifying driver can be loaded...
> DirXML: [06/05/06 09:40:11.01]: Loader: Initializing SSL encryption...
> DirXML: [06/05/06 09:40:18.44]: Loader: Waiting for DirXML to connect on
> 'TCP server socket, port 8090, address 165.111.243.20, using SSL'...
> DirXML: [06/05/06 10:02:37.97]: Loader: Waiting for driver thread to
> exit...
>
> *****************
>
> SSL enabled on remote loader. Loaded with self-signed CA saved with .b64
>
>
> IDM configured with Authentication ID: DomainController/Authorized
> User remote connection parameters: hostname= port= kmo=
>
> I have followed the proper procedures step-by-step and still it does not
> connect. Please help! I do appreciate any help you can give.
> Thanks.......