DirXML Driver does not start
(Last modified: 11Apr2003)
This document (10080575) is provided subject to the disclaimer at the end of this document.
fact
DirXML 1.1a
DirXML 1.1
DirXML 1.1a Remote Loader
DirXML 1.1 Remote Loader
symptom
DirXML Driver does not start
DirXML Driver fails to start on attempting to connect SSL to Remote Loader
DirXML Driver starts fine if SSL is not configured.
note
The error on the Remote Loader trace screen was as follows:
<<DirXML: [02/24/03 09:24:24.25]: TRACE: Loader: Waiting for DirXML to connect on 'TCP server socket, port 8090, address localhost, using SSL'...
DirXML: [02/24/03 09:24:39.18]:
DirXML Log Event -------------------
Thread = Subscriber Channel
Level = error
Message = SSL protocol failure: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
fix
The "Remote Loader connection parameters:" field in the Authentication tab of the driver properties in Console One indicated the name of the eDirectory DNS Certificate (kmo=SSL CertificateDNS) instead of a uniquely created certificate (NDSPKI:Key Material) obect created for use with the driver. The problem was that single quotes need to be placed around the certificate name if there are spaces in the name. So, the parameter should read kmo='SSL CertificateDNS'. As an optional fix, a unique certificate with a name containing no spaces could be created and used.
note
The steps for creating an SSL connection between eDirectory and an application machine running Remote Loader are as follows:
1- Export a trusted root file in .b64 format from eDirectory to the application server where the Remote Loader will be configured.
2- Install Remote Loader, selecting to enable SSL, then point to the trusted root file created in step 1.
3- Create a KMO (NDSPKI:Key Material object) in eDirectory.
4- Install and configure the application driver in Console One and indicate the name of the new KMO (kmo=<CertificateName>) in the Remote Loader Connection Parameters field under the Authentication tab of the driver properties page.
document
| Document Title: | DirXML Driver does not start |
| Document ID: | 10080575 |
| Solution ID: | NOVL87250 |
| Creation Date: | 25Feb2003 |
| Modified Date: | 11Apr2003 |
| Novell Product Class: | Novell eDirectory |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.