Error: "Error initializing connection to DirXML: java.lang.IllegalArgumentException: SocketStream.init(): Unrecognized parameter"

(Last modified: 27Jan2006)

This document (10100258) is provided subject to the disclaimer at the end of this document.

symptom

fact

Novell Identity Manager

Sun Solaris

cause

The error referenced in this TID generally means a parameter is being used that the Remote Loader does not understand. The documentation mentions that the keystore parameter is to be used in the Remote Loader configuration when the SHIM is contained in a JAR file. Generating the keystore file to be used can be done from the machine with the Remote Loader using the `keytool` command that comes with the IDM Remote Loader installation.

fix

Navigate to the 'bin' directory of the Remote Loader installation on the server. Export the certificate being used by the driver and referenced in the Remote Loader connection parameters in the driver configuration. The export should be done without the private key and should be saved in the .b64 format. See the IDM documentation for details on this process (Novell Identity Manager Administration: Setting UP a Connected System: Providing for Secure Data Transfers)

Create the new keystore by passing in the exported b64 certificate's path (including the file name) as the first parameter and the name of the new keystore as the second parameter. If the exported b64 file was /tmp/groupwise.b64 and the desired keystore name was groupwise0.keystore the following command would be used from within the create_keystore file's directory:

./create_keystore /tmp/groupwise.b64 groupwise0.keystore

You will not be prompted for a keystore password. The default password is 'dirxml' (without quotes). If you would like to change this default password you can modify the create_keystore script that comes with IDM or you can run the command it calls manually. By default the keystore is created in the path where the command is being run from. Copy the newly-created keystore to somewhere permanent. One good option may be to place it in the same directory as the conf files or in a close directory where all keystores can be located. Modify your Remote Loader configuration file to point to this keystore with the desired password. The following is an example:

-connection "port=8090 keystore='/etc/opt/novell/dirxml/rdxml/groupwise0.keystore' storepass='pAsSwordGoesHer3'"

Try starting your remote loader and you should now see the port listening properly (8090 in this case).

note

For advanced configuration it is possible to use the command directly that the create_keystore script is calling for you. This command looks like the following and utilizes the `keytool` program (substitute in values for variables where appropriate):

$KEYTOOL_PATH -import -alias trustedroot -file $CERTIFICATEFILE -keystore "$KEYSTORENAME" -storepass $KEYSTOREPASSWORD -noprompt

On my system the $KEYTOOL_PATH variable was set to the following:

/usr/lib/nds-modules/jre/bin/keytool

document

Document Title:	Error: "Error initializing connection to DirXML: java.lang.IllegalArgumentException: SocketStream.init(): Unrecognized parameter"
Document ID:	10100258
Solution ID:	NOVL104936
Creation Date:	24Jan2006
Modified Date:	27Jan2006
Novell Product Class:	DirXML

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.