ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Encryption Management Server presents an incorrect certificate for secure key lookup connections
Article ID: 169798
Updated On:
Products
Encryption Management Server
Issue/Introduction
Encryption Management Server allows remote hosts to search for public keys over LDAP (port 389) and secure LDAP (LDAPS port 636).
After the SSL certificate assigned to the LDAPS interface is replaced, remote Encryption Management Servers cannot connect over secure LDAP.
Cause
After the certificate is replaced, the stunnel service is not automatically restarted.
Environment
- Encryption Management Server 3.4 and above.
- Keyserver service enabled.
- Secure LDAP enabled.
Resolution
Manually restart the stunnel service:
- Connect to the server using SSH or PuTTY. (Click here to see how).
- Restart the stunnel service:
# pgpsysconf --restart stunnel
For assistance, please contact Symantec Support.
Feedback
Yes
No
Powered by
