000026025 - Error: 'key-retrieval.xuda: Line 186: [XrcXUDAUNABLE] unable to contact directory server. Key recovery error.' in Keon Certificate Authority

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000026025
Applies ToKeon Certificate Authority 6.5.1
Keon Key Recovery Module 6.5.1
IssueError: "key-retrieval.xuda: Line 186: [XrcXUDAUNABLE] unable to contact directory server. Key recovery error." in Keon Certificate Authority
CauseThis error is caused due to a configuration issue with the xudad.conf file located in the <install_dir>\RSA Keon_CA\Xudad\conf directory
ResolutionPerform the following check to ensure that the Key Recovery Backend is configured. Open the xudad.conf with a text editor (e.g. Notepad or vi) and check that the following entries in bold have been inserted correctly within the file.

  #######################################################################
  # ldbm database definitions
  #######################################################################

  database               caoperations
  suffix                 "o=ca,o=services"
  sslonly                1
  http-publish-host      <fqdn hostname>
  http-publish-port      447

  database               krsoperations
  suffix                 "o=krs,o=services"
  sslonly                1
  operatorsNeeded        2
  operatorsTotal         3


  database               services
  suffix                 o=services

If these lines do not exist in xudad.conf please make no changes at this point and close the editor and perform the following tasks:

1. Stop all RSA Keon Certificate Authority processes

2. From the <install_dir>\RSA Keon_CA\Xudad\conf directory, make a copy of the xudad.conf file for backup

3. Using a text editor (e.g. Notepad or vi), insert the changes into xudad.conf file shown in bold above

4. Start RSA Keon Certificate Authority

For documentation reference to Enabling the Key Recovery Backend, refer to page 22 - chapter 2 - "Installing the Keon Key Recovery Module" in the RSA Keon Key Recovery Administrator's Guide.
Legacy Article IDa22584

Attachments

    Outcomes