Hello guys, maybe this won't change your life... but you never know.
The problem:
I was messing around with some of my test servers / certifiers and discovered that the certifier ID file for one of the test organizations I use was lost, definitely: no copy of it survived, and the only copy I could find in a backup had a password I couldn't remember.
So what? It would not have been a problem since it was a test certifier, but I had some spare time so I decided to look for a solution. Some time ago (> 1 year) I enabled the Domino CA process for that specific certifier so, for sure, Domino stored the private key/cert ID I was looking to recover.
The process:
I started checking the structure of the ICL database that Domino creates for every certificate that you migrate to the CA process.
Of course I was one of the certificate authorities for that certifier; this allowed me to read all the documents.
You know that all the documents in the ICL db are encrypted and readable only by those who are listed as certificate authorities (this is usually administrators and, if you want, the Domino server itself).
The solution:
In each ICL database the CA process creates an encrypted IDStorage document that contains:
A copy of the original certifier file
A password field to open it (you see it in the Password field).
As soon as I got this I detached the ID from the document, copied the password using the field browser (in the Domino property dialog) and wow... I got back my certifier.
What to take away
If you lost a certifier id or can't recover/remember the password
and
you have enabled the CA process for that certifier
and
you are one of the listed certification authorities for that CA certifier
then
you can easily recover a working copy of your certifier ID file
by
detaching the ID file from the IDStorage document in your ICL database and opening it using the password as written in the "password" field of the same document.
I love Domino :) Don't you?
Daniele Vistalli August 21st, 2008 20:11:03