Encryption Management Server presents an incorrect certificate for secure key lookup connections

Article Id: 169798
Status: Published
Updated On: 26-07-2018 04:12
Legacy Id: TECH246973
Products:
Encryption Management Server
Issue/Introduction:

Encryption Management Server allows remote hosts to search for public keys over LDAP (port 389) and secure LDAP (LDAPS port 636).

After the SSL certificate assigned to the LDAPS interface is replaced, remote Encryption Management Servers cannot connect over secure LDAP.

Cause:

After the certificate is replaced, the stunnel service is not automatically restarted.

Resolution:

Manually restart the stunnel service:

  1. Connect to the server using SSH or PuTTY. (Click here to see how).
  2. Restart the stunnel service:
# pgpsysconf --restart stunnel

For assistance, please contact Symantec Support.