gwcsrgen (1)


gwcsrgen - GroupWise Generate CSR utility




The GroupWise Generate CSR utility (GWCSRGEN) generates a certificate signing request (CSR) file and a private key file. These files are needed to provide secure communication through SSL (Secure Socket Layer) connections between GroupWise agents and clients.

When you run the Generate CSR utility, you must fill in the following fields in the interface provided:

Key Filename

The name for the private key file (for example, server1.key). If you don’t want the file stored in the same directory as the gwcsrgen executable, specify a full path with the file name (for example, /certs/server1.key).

Key Password

The password for the private key. The password can be up to 256 characters (single-byte environments).

CSR Filename

The name for the certificate signing request file (for example, server1.csr). If you don’t want the file stored in the same directory as the gwcsrgen executable, specify a full path with the file name (for example, /certs/server1.csr).


The two-letter abbreviation for your country (for example, US).


The name of your state or province (for example, Utah). Use the full name. Do not abbreviate it.


The name of your city (for example, Provo).


The name of your organization (for example, Novell, Inc.).


The division of your organization that this certificate is being issued to (for example, Product Development).

Hostname of Server

Specify the DNS hostname of the server where the server certificate will be used (for example,

Configuration File

For convenience, you can record the information for the above fields in a configuration file so that it is automatically provided whenever you run the Generate CSR utility. The configuration file must have the following format:

[Private Key]
Location = 
Extension = key

Location = 
Extension = csr

[Required Information]
Country =
State = 
City = 
Organization =
Division =
Hostname =

If you do not want to provide a default for a certain field, insert a comment character (#) in front of that line. Name the file gwcsrgen.cnf. You can save the file in your current directory (for example, /opt/novell/groupwise/agents/bin if you run the gwcsrgen executable from that default location) or in /etc/opt/novell/groupwise/agents.

What’s Next

After the CSR and private key files are created, you need to submit the CSR to a Certificate Authority in order to receive a server certificate. If you haven’t previously used a Certificate Authority, you can use the keywords “Certificate Authority” to search the Web for Certificate Authority companies. The process of submitting the CSR varies from company to company. Most provide online submission of the request. Follow their instructions for submitting the request.

When you receive the server certificate, you can store it, along with the private key file, anywhere on the server where they will be used. Any GroupWise agent (MTA, POA, DVA, or GWIA) that is running on the server can use the certificate and private key when using SSL for secure connections.



Configuration file. By providing a configuration file, you do not need to fill in the fields manually every time you run the Generate CSR utility.


This program normally runs as root.


Starts the Generate CSR utility. If you have supplied a configuration file, the fields are filled in based on the data in the configuration file.


Copyright 2004-2012, Novell, Inc.. All rights reserved.

See Also

To report problems with this software or its documentation, visit Novell Bugzilla..