Creating SSL Cert Files with the GWCSRGEN Tool
Novell Cool Solutions: Tip
By Tim Heywood
Digg This -
Posted: 20 Nov 2007
A Forum reader recently asked:
"I have been working my way through the SSL settings and trying to enable this (so that GMS will work). I'm currently running GroupWise 7.0.2 on NetWare 6.5.6. I have a number of settings in Console one for the POA object that do not show up in the configuration on the server - specifically, the SOAP and SOAP SSL settings. In ConsoleOne, SOAP over SSL is enabled. What am I missing? I would like to get everything working correctly so I can migrate a "good" working system over to SLES 10 / OES2 in a couple of weeks."
And here's the response from Tim Heywood ...
Have you used the GWCSRGEN tool and created a certificate? If the POA has the correct cert, key, and password, and you enable the SSL on the SOAP interface, it will be available.
Here's some cert and key stuff - hope this helps:
1. If a desired PO does not have SSL certificate files (*.b64 and *.key) in its directory structure, use the GroupWise CSR generator to create those two files. This utility can be found under SDD\Admin\Utility\Gwcsrgen.
Use TID 10088293 for the CA and Certificate minting. Remember that the name has to be in B64 format and must not exceed the 8.3 character format.
Once the Cert has been created,
2. Start ConsoleOne and connect to a GroupWise system.
3. Select a PO where you want to have a SOAP communication over SSL.
4. Check properties of the POA object and in GroupWise | SSL settings provide certificate and SSL key files location.
5. In the GroupWise > Agent Settings section of the POA, make sure the SOAP protocol is enabled.
6. In the GroupWise > Network Address section of the POA, check the SOAP protocol port and enable SSL.
7. Make sure that the POA now listens on the SOAP SSL port. The POA can be also bounced, and then via F9 from the server console, you can see valid configuration settings.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com