My Oracle Support Banner

ODSEE11g - When Using "dsadm" to Manage Certificates New Cert Database Files are Created ("cert9.db" and "key4.db") and the "dse.ldif" Configuration File is Not Updated (Doc ID 2638781.1)

Last updated on SEPTEMBER 21, 2021

Applies to:

Oracle Directory Server Enterprise Edition - Version 11.1.1.7.190716 and later
Information in this document applies to any platform.

Symptoms

When managing the certificate database using the "dsadm" command against ODSEE11.1.1.7.190716 the files are updated:

slapd-cert8.db to slapd-cert9.db
and
slapd-key3.db to slapd-key4.db

and the certificates are successfully added to the new certificate database (i.e.; slapd-cert9.db)

However the Directory Server configuration file (dse.ldif) is not update and still references old path/cert_files.

 

Changes

The below is an example listing of the files AFTER the dsadm to manage the certificates:

# ls -la /<INSTANCE_PATH>/alias
total 140
drwxr-xr-x 2 <USER> <GROUP> 140 Jan 17 10:59 .
drwxr-xr-x 11 <USER> <GROUP> 108 Jan 17 10:47 ..
-rw------- 1 <USER> <GROUP> 1586 Jan 31 2017 certmap.conf
-rw------- 1 <USER> <GROUP> 539 Dec 17 10:38 pkcs11.txt
-rw------- 1 <USER> <GROUP> 16384 Jan 31 2017 secmod.db
-rw------- 1 <USER> <GROUP> 65536 Dec 17 10:38 slapd-cert8.db
-rw------- 1 <USER> <GROUP> 28672 Jan 13 13:38 slapd-cert9.db
-rw------- 1 <USER> <GROUP> 16384 Dec 17 10:38 slapd-key3.db
-rw------- 1 <USER> <GROUP> 28672 Jan 13 13:37 slapd-key4.db

The below command shows the old path/files are still referenced in the dse.ldif and not the new:

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.