Re: NESCM with Windows CA generated user certificates

[Marcel Cox]

fhettlich wrote:

>- Is the successful checking of the revocation list necessary for a
>successful eDirectory login?

No. It's a choice you make in the NESCM configuration in eDirectory. You
can configure whether a revocation list is used and what mechanism is to
be used.

--
Marcel Cox
http://support.novell.com/forums
------------------------------------------------------------------------
Marcel Cox's Profile: http://forums.novell.com/member.php?userid=8

[Marcel Cox]

fhettlich wrote:

>"Invalid: Can't construct certificate chain"

You need to have your complete certificate chain in the trusted root
store. It is not enough to have the CA certificate that was used to sign
the smartcard certificates in case that CA certificate is signed by
another authority.