When you run dirreplicatool.bat command the following error is thrown when initializing NSS.
Configuring NSS provider
Error configuring SunPKCS11 crypto provider
java.security.ProviderException: Error parsing configuration
at sun.security.pkcs11.Config.getConfig(Config.java:71)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:86)
at com.symantec.cas.tools.replicate.security.SecurityClient.configurePro
vidersFIPS(SecurityClient.java:286)
at com.symantec.cas.tools.replicate.security.SecurityClient.initSSL(Secu
rityClient.java:213)
at com.symantec.cas.tools.replicate.security.SecurityClient.init(Securit
yClient.java:143)
at com.symantec.cas.tools.replicate.security.SecurityClient.getInstance(
SecurityClient.java:125)
at com.symantec.cas.tools.replicate.security.LDAPSSLSocketFactory.<init>
(LDAPSSLSocketFactory.java:52)
at com.symantec.cas.tools.replicate.engine.Directory.getSocketFactory(Di
rectory.java:199)
at com.symantec.cas.tools.replicate.engine.Directory.createLDAPConnectio
n(Directory.java:231)
at com.symantec.cas.tools.replicate.engine.Directory.connect(Directory.j
ava:57)
at com.symantec.cas.tools.replicate.Main.doReplication(Main.java:307)
at com.symantec.cas.tools.replicate.Main.main(Main.java:264)
Caused by: sun.security.pkcs11.ConfigurationException: Absolute path required fo
r library value: nss/lib
at sun.security.pkcs11.Config.parseLibrary(Config.java:641)
at sun.security.pkcs11.Config.parse(Config.java:397)
at sun.security.pkcs11.Config.<init>(Config.java:194)
at sun.security.pkcs11.Config.getConfig(Config.java:67)
... 12 more
This error does not impact the setup of the LDAP replication.
It is caused by insufficient path to the nss\lib in nss.cfg file
Sample of original incorrect nss.cfg
Edit file nss.cfg located in the dirreplicatool and add full path to the nss\lib
Sample of corrected nss.cfg file