Policy Center LDAPS certificate generated for incorrect host after installation

Solution

Overview

In some versions of Policy Center, LDAPS certificates are generated using the hostname of the device, adding the suffix "SSL", rendering the certificate valid for the incorrect hostname.

Cause
Resolution

There is a certificate generation utility included and pre-configured upon installation. Please take the following steps to re-create your SSL certificate for the correct host name.

    1.  Find your installation directory for Policy Center, the default is C:\Blue Coat Systems\PolicyCenter.

    2.  Open the \dsssl directory. Confirm the contents of the file "dsName.txt" matches the hostname PolicyCenter was installed on.

    3.  Run "Certificates.exe".

    4.  Choose option "i - initialize the certificate database" by pressing the "i" key, and enter.

    5.  Re-check your LDAPS certificate.

 

If you require that weak and medium strength ciphers are disabled, or have disabled them in the past, you may wish to use 000012268 to disable them, as the above process will re-set this functionality to the default settings.

Workaround
Additional Information
Bug Number
InQuira Doc IdKB4740
Attachment

Article Feedback

Did this Article solve your issue?
Additional Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat