Novell Home

Setting up SSL Communications on GroupWise Messenger Server on SLES 10

Novell Cool Solutions: Tip
By Dave Cushing

Digg This - Slashdot This

Posted: 7 Nov 2006
 

Problem:

Setting up SSL communications on GroupWise Messenger Server for Linux on SuSE Linux Enterprise Server 10.

Solution:

I just finished setting up Messenger agents on a Linux server and thought I would share my little 'HOW-TO' with the group so others who are going to attempt a linux install will have a reference. Most of the information I got for the HOW-TO came from different posts in this newsgroup [novell.support.groupwise.messenger], and a couple of searches on Google.

My System: Novell SuSE Linux Enterprise 10 running on VMWARE. Make sure OPENSSL package is installed via YaST before beginning. Install the agents normally, you don't have to select SSL at install, we can do it afterwards.

Step One - Create private host key

mkdir /opt/novell/messenger/certs
cd /opt/novell/messenger/certs
openssl genrsa -des3 -out messenger.key

This will prompt you for a password when it generates the key. The password can be anything you want but DO NOT FORGET THE PASSWORD.

Step Two - Generate Certificate Signing Request

openssl req -new -nodes -key messenger.key -out messenger.csr
When asked for your name, enter the name of the host (ie. gwmessenger.mydomain.com)

Step Three - Issue the Certificate (Thanks to Jim Michael)

Load ConsoleOne and select Tools -> Issue Certificate
Browse to /opt/novell/messenger/certs/messenger.csr
You should see the CSR loaded into the text box.
Choose Next. Next.


Choose Custom, check ALL three Key Usage boxes.
Also check the "Set key usage extension to critical" box.
Choose Next.

Change the validity period to > 1 year if you want.
Choose next.

Choose Finish.

Select base64 format, and point it at
/opt/novell/messenger/certs/messenger.b64.
Choose Save.

You should now have a messenger.b64 file in /opt/novell/messenger/certs

In C1, open the GrMessengerService | <SERVER>SERVER | MessagingAgent. Go to Agent | Security.

Enter the paths to your messenger.key and messenger.b64 files. Click Set Password and enter the password you assigned to the key. Click Enable SSL for Client Server.

Restart the messenger agent, by issuing /etc/init.d/novell-nmma restart

You should now be doing SSL - enjoy!

Environment:

SuSE Linux Enterprise Server 10


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell