Domino 8.5 server public key problem

I have a Domino 8.5 server and its cluster server.

Someone has copied the server.id of both servers, and now he/she is accessing the server and reading other people's emails.

In the server configuration document - certification - ID properties, I selected the server.id file and then your identity - your certificate - other actions - create new public key

and emailed it to the administrator account.

From the administrator account I opened that email and from action - certified the attached ID file.

Then I certified the server.id from the main server cert.id and appended the new public key to the original server.id by going, in the server configuration document - certification - ID properties, I selected the server.id file and then your identity - your certificate - get certificate - import merge Notes certificate.

I did the same for the cluster server as well.

Now I have enforced public key checking on both servers.

The problem is that when both servers replicate, a public key mismatch occurs and stops replication,

as the cluster server is unable to authenticate with the main primary server.

Although the stolen server.id files are unable to access the server due to the public key comparison check, with the new server.id file there is a problem in replication.

Tell me how to solve it.

Thanks

Subject: It sounds like the directory entries aren’t synchronized with the ID files on the servers.

If you set public key checking to “log only” mode, you should receive enough information to find out what is going wrong. It is possible that the new certificates haven’t replicated to the entire cluster yet; in that case, you would hopefully receive one more warning, and then the server docs would synchronize, the warnings would stop, and then you could fully enable public key again.

In the future, you might want to consider using the Server Key Rollover feature instead of recertifying the server IDs by hand; that process should be simpler and cleaner.

Subject: Re: Domino 8.5 public key error

I have manually replicated the primary and cluster server, but the problem is still there.

Subject: I’d recommend manually checking the cert in the ID file (via the user security panel) and the cert in the directory just to be sure

Subject: re:

I did not get what you want to say.