Unable to recertify Server Certificate

Our Server Certificate recently expired and the recertification keeps failing with the following error.

“Error updating local ID file: The public keys specified in the Name Change Request do not match those specified in the new certificate”

As a result, many users are complaining that while connecting to the server, we receive “server’s certificate has expired, do you want to continue”. Worse than that, no one can replicate with the server.

Would anyone have any suggestions?

Subject: Unable to recertify Server Certificate

Hi Ben,

Try to certify your ID (not recertify through the admin process). To do it, use your admin client and go to configuration/certification/certify; be sure to use your certifier and select your server ID. The good point of this method is that you will see the errors in real time (or in the local log or in the certlog db on the server).

You should use a copy of your server ID, because the one on the server should be open and cannot be modified; then shut down your server and copy back the ID file.

Hope this helps

Christian

Subject: Unable to recertify Server Certificate

Problem

When starting the Domino server, the following message is displayed on the server console:

“Error updating local ID file - the public key specified in the change request database does not match those specified in the new certificate.”

This message does not appear to affect server functionality in any way.

Solution

This can be experienced if the key entered in the Certified Public Key field in the Administration section of the Server document does not match the key held in the Server ID file being used by the Notes or Domino Server. This scenario can happen, for example, if the server had been recertified with the relevant (or even possibly different) Certifier ID.

The solution is to copy the key from the Server ID file into this field of the Server document. This can be accomplished as follows:

From the administrative client of the server:

  1. Select File, Tools, UserID (assuming the client is using the same ID).

  2. Select More Options.

  3. Click Copy Public Key.

  4. Open the Server document, delete the existing key from the Certified Public Key field and then paste the newly copied key into the field.

  5. Save the document and restart the server.

Subject: RE: Unable to recertify Server Certificate

I was migrating the Domino server to a different system, so I created a new .id with the same name and used that on the new system. I ran into a bunch of problems (including this one) and so I don’t recommend doing that. The issue was also complicated because we weren’t using the same address books either (long story). So, in the end, I had a running server but kept seeing this error repeat during the day. I believe this process (pasting the new public key) worked at eliminating that annoying error. Thanks!