This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Certificate generating with old server name

OES 2015.1 server was renamed.  The correct name is reflected in local hostname file, as well as nds.conf. Also, the server shows up under the correct name in eDirectory.  When the old certs expired and I regenerated new ones (ndsconfig upgrade) they were created with the old hostname.  Any ideas where/why ndsconfig is getting the old hostname?

  • 0  

    It would be interesting to compare with those created by the iManager, NetIQ Certificate Server, Repair Default Certificates.

    How is the general eDir health?   Do the following commands come back error free?

    ndsrepair -T
    ndsrepair -E
    ndsrepair -C -Ad -A

    ________________________

    Andy of KonecnyConsulting.ca in Toronto
    Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.

  • 0 in reply to   

    All of the above ndsrepair options complete with zero errors.  Also, I note the name of the server is correct in the ndsrepair output.  Thanks for the suggestion about using iManager.  I gave it a try and it still generates the the cert with the old name.  Your suggestions got me thinking about DNS resolution so I did a lookup and confirmed the forward/reverse DNS entries reflect the correct name.  We don't even have an alias record for the old name, so DNS is ruled out.

  • 0 in reply to 

    How do you renamed the server?
    Imho the only supported way is to remove the server from the tree with ndsconfig rm and rename the server (with yast) and readd the server with yast (or ndsconfig)

  • 0   in reply to 

    Check and edit if needed, the files
    /etc/hosts
    /etc/HOSTNAME

    ________________________

    Andy of KonecnyConsulting.ca in Toronto
    Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.

  • 0 in reply to 

    Opened a ticket with Micro Focus support and they had me change it in two places: nds.conf, and Yast -> Network Settings -> Hostname/DNS.  Restarted ndsd.  Name change was reflected in eDir and all seemed well until we had to gen new certs.

  • 0 in reply to   

    Confirmed both are correct.

  • Verified Answer

    +1

    Circling back on this issue.  I never found the root cause.  Over the Thanksgiving holiday I upgraded the server to OES 2018 SP3 and the problem mysteriously went away.  After the upgrade I deleted, then re-generated a new certificate and it was minted with the correct hostname.  So my issue has been resolved by the upgrade.