Novell Home

My Favorites

Close

Please to see your favorites.

How to create a self-signed certificate for Novell Messenger

This document (7010671) is provided subject to the disclaimer at the end of this document.

Environment

Novell Messenger

Situation

How to create a self-signed certificate for Novell Messenger

Resolution

Before Novell Messenger can use SSL encryption, a certificate must be created by generating a certificate signing request (CSR) and having it issued by a certificate authority (CA). A private key must also be used with each certificate. Below are the steps to create a self-signed SSL Certificate with its' corresponding SSL Key File and implement them with Novell Messenger:

  1. Generate a Private Key by following the steps listed below. Proceed with the following from a terminal window:
    • Type openssl genrsa -des3 -out server.key 2048 and press Enter.
    • Type the pass phrase to protect the key and press Enter.
    • Re-enter the pass phrase to protect the key.

  2. Generate a Certificate Signing Request by following the steps listed below:
    • Type openssl req -new -key server.key -out server.csr and press Enter.
    • Enter the pass phrase of private key when asked for. This is the same pass phrase that was entered in Step 1.
    • Fill in the Country Name, State or Province Name, Locality Name, Organization Name,Organizational Unit Name, Common Name, Email Address. Common Name is very important as this is the DNS name that the client will use to connect to the server.
    • When asked for Challenge password and optional company name, leave it blank.

  3. Generate a Self-Signed Certificate:
    • Type openssl x509 -req -days 730 -in server.csr -signkey server.key -out server.crt and press Enter. Increase or decrease 730 as needed. This is the number of days the certificate is valid for.
    • Enter the pass phrase of the Private Key. This is the same pass phrase that was entered in Step 1
    • Type cp server.crt server.key /opt/novell/messenger/certs/ and press Enter.

  4. Once the certificate and private key file are available on the server where the Messenger Agents run, proceed to configure the Messenger Server Object to use SSL encryption from ConsoleOne.
    • Browse to and right-click the Server object in your Messenger System, then click Properties.
    • Click Server > Security.
    • Provide the path to the certificates: /opt/novell/messenger/certs/
    • Specify the SSL Certificate (server.crt) and the SSL Key File (server.key) created from the previous section.
    • Select Set Password and enter the password from Step 1
    • Select Enable SSL
    • Click OK to save the security settings.
    • Restart the Messenger agent. From a terminal window: type rcnovell-nmma restart and press Enter.

Additional Information

(optional) Follow TID 7013103 - How to create a .pem File for SSL Certificate Installations, requires the following files:

  • Private Key
  • Server Certificate (crt, puplic key)
  • (optional) Intermediate CA and/or bundles if signed by a 3rd party


http://www.novell.com/documentation/novell_messenger22/messenger22_admin/data/b2n5igt.html#b2n5mf6

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7010671
  • Creation Date:23-AUG-12
  • Modified Date:26-AUG-13
    • NovellMessenger

Did this document solve your problem? Provide Feedback