How to create a self-signed certificate for Novell Messenger

  • Document ID:7010671
  • Creation Date:23-Aug-2012
  • Modified Date:16-Nov-2020
    • Micro Focus Products:
      GroupWise Messenger

Environment

Novell Messenger 2.x
Novell Messenger 3.x

Situation

How to create a self-signed certificate for Novell Messenger

Resolution

Before Novell Messenger can use SSL encryption, a certificate must be configured. A certificate is created by creating a private key, generating a certificate signing request (CSR) and having it signed or issued by a certificate authority (CA). The signed response from the CA is referred to as the public certificate or key. Below are the steps to create a self-signed SSL Certificate with its' corresponding SSL Key File and implement them with Novell Messenger:

  1. Generate a Private Key by following the steps listed below. Proceed with the following from a terminal window:
    • Type openssl genrsa -des3 -out server.key 2048 and press Enter.
    • Type the pass phrase to protect the key and press Enter.
    • Re-enter the pass phrase to protect the key.

  2. Generate a Certificate Signing Request by following the steps listed below:
    • Type openssl req -new -key server.key -out server.csr and press Enter.
    • Enter the pass phrase of private key when asked for. This is the same pass phrase that was entered in Step 1.
    • Fill in the Country Name, State or Province Name, Locality Name, Organization Name,Organizational Unit Name, Common Name, Email Address. Common Name is very important as this is the DNS name that the client will use to connect to the server.
    • When asked for Challenge password and optional company name, leave it blank.

  3. Generate a Self-Signed Certificate:
    • Type openssl x509 -req -days 730 -in server.csr -signkey server.key -out server.crt and press Enter. Increase or decrease 730 as needed. This is the number of days the certificate is valid for.
    • Enter the pass phrase of the Private Key. This is the same pass phrase that was entered in Step 1
    • Type cp server.crt server.key /opt/novell/messenger/certs/ and press Enter.

  4. Once the certificate and private key file are available on the server where the Messenger Agents run, proceed to configure the Messenger Server Object to use SSL encryption from ConsoleOne.
    • Browse to and right-click the Server object in your Messenger System, then click Properties.
    • Click Server > Security.
    • Provide the path to the certificates: /opt/novell/messenger/certs/
    • Specify the SSL Certificate (server.crt) and the SSL Key File (server.key) created from the previous section.
    • Select Set Password and enter the password from Step 1
    • Select Enable SSL
    • Click OK to save the security settings.
    • Restart the Messenger agent. From a terminal window: type rcnovell-nmma restart and press Enter.

Additional Information

(optional) Follow TID 7013103 - How to create a .pem File for SSL Certificate Installations, requires the following files:

  • Private Key
  • Server Certificate (crt, puplic key)
  • (optional) Intermediate CA and/or bundles if signed by a 3rd party


https://www.novell.com/documentation/novell_messenger22/messenger22_admin/data/b2n5igt.html#b2n5mf6