IBM Support

Error: "The subject's public key found in the cross certificate does not match the one found in the certificate table" when updating certifier ID

Technote (troubleshooting)


Problem

As the Lotus® Domino® administrator, you create a new organizational certifier and cross certify it with existing organizational certifiers. You attempt to register a new user or server using the new organizational certifier and receive the following error message:


    "Error Updating Certifier ID: The subject's public key found in the cross certificate does not match the one found in the certificate table. Do you wish to continue without updating the certifier ID?"

Cause

A preexisting cross certificate may exist in the administrator's local Names and Address Book which is not up to date, and as a result, the public key listed in the cross certificate does not match the public key on the server.

Resolving the problem

The preexisting cross certificate needs to be deleted from the local Names and Address Book (names.nsf). As soon as the administrator attempts to register a new user or server, they will be prompted to accept a new cross certificate which will be up to date.


Document information

More support for: IBM Domino
Administration

Software version: 7.0, 8.0

Operating system(s): AIX, IBM i, Linux, Solaris, Windows

Reference #: 1318322

Modified date: 29 October 2008