Originally Posted by linosaurusroot
Needs more investigation around this area. Does that program log anything? Can you attach truss to it?
Is a server restart needed in relation to this change?
Alas-that is the entire log for the application in question. It is a web administration tool attached to iplanet-basically a front end to a large set of Java scripts. That error only occurs when I try the new 1024. The old one goes in, though currently fails because the old key pair DB is not there. I am wondering if it is some sort of character/line limitation on what it will accept but, that is probably a red-herring (Old cert is 30 lines. New cert is 36 lines. I say red-herring because I eventually got it inserted into the one server. That trick is not working on 02).
I am wondering if it is still an issue with the crypto-card integration. Several times when I generated a key instead of doing 1024-it popped out a 1023 csr-the CA company says that it isn't that uncommon to happen like that though.
The way it is supposed to go is as detailed in this link: http://www.digicert.com/ssl-certific...on-iplanet.htm
Edit to add: I don't think truss is installed-I do have strace though if that helps us. Also to note-its KSH and not Bash.