Download Print this page

Certificate Validation Issues - Novell ENHANCED SMART CARD METHOD 3.0.1 - INSTALLATION 17-07-2007 Installation Manual

Table of Contents

6.3.2 Certificate Validation Issues

If the method fails with an Invalid Certificate or Certificate Validation Failed message, the method

was unable to validate the certificate sent by the workstation. Check the following items:

The certificate on the smart card is not expired or has not been revoked by the issuing

Certificate Authority.

The method is properly configured with a trusted root container that contains a valid trusted

root certificate. See

information about configuring the trusted root container.

Certificate revocation checking is properly configured. See

Certificate Revocation Checking," on page 31

CRL and OCSP revocation checking requires connectivity to the CRL Distribution Point or

OCSP Responder. If the information is unavailable, the validation process fails.

When using OCSP validation, the OCSP response is signed by the responder's certificate. In

order for the response to be considered valid, the responder's certificate must be trusted. Place

the OCSP responder's trusted root certificate in the trusted root container to identify it as

trusted.

Section 5.2, "Configuring Trusted Root Certificates," on page 29

Section 5.3, "Configuring

for more information.

for

Troubleshooting

Table of Contents

Do you have a question about the ENHANCED SMART CARD METHOD 3.0.1 - INSTALLATION 17-07-2007 and is the answer not in the manual?

Enhanced smart card method 3.0.1