Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-6372

Dsconfig: unable to reset the ssl-cert-nickname property of the Administration Connector and Synchronization Provider

    Details

    • Type: Bug
    • Status: Done
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 7.0.0
    • Fix Version/s: 7.0.0
    • Component/s: config
    • Labels:
    • Story Points:
      0.5

      Description

      Since commit 5575ef4b406, ssl-cert-nickname property is no longer mandatory for Administration Connector and Replication Synchronization Provider configuration elements.

      As a consequence, the user can use dsconfig to reset the property to its default value (which lets the server decide which SSL key-pair should be used). Unfortunately, this does not work:

      $ bin/dsconfig  set-administration-connector-prop  \
                                      --reset ssl-cert-nickname \
                                      --hostname localhost \
                                     --port 4444 \
                                     --bindDn uid=admin \
                                     --bindPassword password \
                                     --trustAll \
                                      --no-prompt
      
      Object Class Violation: Entry cn=Administration Connector,cn=config cannot be
      modified because the resulting entry would have violated the server schema:
      Entry "cn=Administration Connector,cn=config" violates the schema because it
      does not contain attribute "ds-cfg-ssl-cert-nickname" which is required by
      object class "ds-cfg-administration-connector"
      
      $ bin/dsconfig set-synchronization-provider-prop \
                                     --provider-name "Multimaster Synchronization" \
                                     --reset ssl-cert-nickname \
                                     --hostname localhost \
                                     --port 4444 \
                                     --bindDn uid=admin \
                                     --bindPassword password \
                                     --trustAll \
                                      --no-prompt
      Object Class Violation: Entry cn=Multimaster
      Synchronization,cn=Synchronization Providers,cn=config cannot be modified
      because the resulting entry would have violated the server schema: Entry
      "cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config"
      violates the schema because it does not contain attribute
      "ds-cfg-ssl-cert-nickname" which is required by object class
      "ds-cfg-replication-synchronization-provider"
      

      This bug can be closed once configuration schema will be have been updated to reflect changes made in commit mentioned above.

        Attachments

          Activity

            People

            • Assignee:
              gaetan Gaetan Boismal [X] (Inactive)
              Reporter:
              gaetan Gaetan Boismal [X] (Inactive)
              QA Assignee:
              Petr Matej [X] (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: