Unable to renew certificate after clicking on a link to auto-renew-certificate.xuda page in email notification
2 years ago
Originally Published: 2010-08-12
Article Number
000051990
Applies To
RSA Certificate Manager 6.8
Issue
Unable to renew certificate after clicking on a link to auto-renew-certificate.xuda page in email notification
Clicking on the link to renew certificate, selecting the certificate to be renewed when prompted by the browser, and finally clicking on 'Renew Certificate' button shows the following error:

An error [XrcXUDAUNABLE: unable to contact directory server] was encountered attempting to renew your certificate. Please contact your administrator for more information. You may be asked to supply some or all of the following information:
[details of the certificate to be renewed]
The URL for certificate renewal looks like the following:  https://<RCM-hostname>:<renewal-port>/auto-renew-certificate.xuda
Cause
The certificate renewal URL does not include jurisdiction ID that the certificate being renewed belongs to.
Resolution
The certificate renewal URL must include the jurisdiction ID that the certificate being renewed belongs to.  If the renewal email is being sent out by RSA Certificate Manager (RCM), through configuring Certificate Expiry Notification for the jurisdiction(s), note that:

if autonotice_renewurl is not defined in xudad.conf, the default url constructed by RCM automatically includes the respective domainID (jurisdiction ID)
- if autonotice_renewurl is defined in xudad.conf, then text of the email notification template in Certificate Expiry Notification section for the jurisdiction(s) should be updated as follows (notice that domainid is not and cannot be part of the url defined in xudad.conf):
   [!--AUTONOTICE_RENEWAL]?DomainID=[!--AUTONOTICE_JURISDICTION]
Notes

For more details on configuring expiry notifications, see RSA Certificate Manager 6.8 Administrator's Guide, section "Configuring Certificate Expiry Notification", pages 138-142.


Don't see what you're looking for?