Good thing I am not hands on anymore these days? Because 15 years of Domino Admin experience gets me all the problem clients no matter what I am doing these days. So back to why I asked you here today to read my minds thoughts. The server console spits out, every hour consistently mind you the following: Error updating local ID file: The public keys specified in the Name Change Request do not match those specified in the new certificate Now raise your hand if you haven't seen a "similar" message before.
It happens sometimes, in fact there are tons of technotes that start with "Error updating local ID file" but only that include my error. Now remember in my previous post I said do at least 5 things before calling support, well I did the following: All checked out ok. Oddly enough no reference to name changes, certifier changes or anything even remotely close to the name of the server at issue, 3 Next up Certlog.
Nothing unusual, although a number of people's ID's are going to expire this year, made note, informed client just to check. No why would I do that for a name change you ask?
Simple, what if someone decided to textually change the name without recertifying? Guess what server isn't going to talk to anyone?
While all looked okay I noticed there was no entry under port in the Ports tab. Odd I thought didn't notice anything funny in the Admin4.
And what do I see, an admin process error every time the server was restarted. Swap over to the administration server, tell adminp to process all and notice errors and some other pieces getting done. Adminp must have been turned off or stuck. Now replicate changes to the server in question and the ports field is now fine. I then check on security and some other fields I like to check and find the lookup to the NAB fails.
So, check it out and on the server in question, the NAB shows a number of replication conflicts. No more admin process error but local ID error is still there. This Technote , explains how to resolve the problem.
Now for you newbies out there. It should scare you to do what the technote says. I hate playing with public and private key information unless I really must do it. So many ways to mess this up and render your server DOA if you are not careful. That is when I called IBM.
Level 2, because playing with certificates is NOT something to be taken lightly. Luckily Geno was able to work with me on it. Went over many choices and ideas and we each searched our respective knowledgebases and came up with the Technote above.
Well when all else fails, you try it. So follow the Technote steps in simple are: First make a backup of the certificate public key you are deleting from the server doc, just in case.
From the administrative client of the server: Click Copy Public Key. Open the Server document, delete the existing key from the Certified Public Key field and then paste the newly copied key into the field.
Save the document and restart the server And it worked. Plus I learned that Geno follows me on Twitter Edited jan with his permission and reads my posts. So to Geno and his boss, Mark H.