Setting up SSL Communications on GroupWise Messenger Server on SLES 10
Novell Cool Solutions: Tip
By Dave Cushing
Digg This -
Posted: 7 Nov 2006
Setting up SSL communications on GroupWise Messenger Server for Linux on SuSE Linux Enterprise Server 10.
I just finished setting up Messenger agents on a Linux server and thought I would share my little 'HOW-TO' with the group so others who are going to attempt a linux install will have a reference. Most of the information I got for the HOW-TO came from different posts in this newsgroup [novell.support.groupwise.messenger], and a couple of searches on Google.
My System: Novell SuSE Linux Enterprise 10 running on VMWARE. Make sure OPENSSL package is installed via YaST before beginning. Install the agents normally, you don't have to select SSL at install, we can do it afterwards.
Step One - Create private host key
openssl genrsa -des3 -out messenger.key
This will prompt you for a password when it generates the key. The password can be anything you want but DO NOT FORGET THE PASSWORD.
Step Two - Generate Certificate Signing Request
openssl req -new -nodes -key messenger.key -out messenger.csr
When asked for your name, enter the name of the host (ie. gwmessenger.mydomain.com)
Step Three - Issue the Certificate (Thanks to Jim Michael)
Load ConsoleOne and select Tools -> Issue Certificate
Browse to /opt/novell/messenger/certs/messenger.csr
You should see the CSR loaded into the text box.
Choose Next. Next.
Choose Custom, check ALL three Key Usage boxes.
Also check the "Set key usage extension to critical" box.
Change the validity period to > 1 year if you want.
Select base64 format, and point it at
You should now have a messenger.b64 file in /opt/novell/messenger/certs
In C1, open the GrMessengerService | <SERVER>SERVER | MessagingAgent. Go to Agent | Security.
Enter the paths to your messenger.key and messenger.b64 files. Click Set Password and enter the password you assigned to the key. Click Enable SSL for Client Server.
Restart the messenger agent, by issuing /etc/init.d/novell-nmma restart
You should now be doing SSL - enjoy!
SuSE Linux Enterprise Server 10
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com