Home

My Favorites

Close

Please to see your favorites.

How to create a 3rd party certificate for GroupWise

This document (7013249) is provided subject to the disclaimer at the end of this document.

Environment

Novell GroupWise 2012
Novell GroupWise 8

Situation

How to create a Third-Party Trusted certificate for GroupWise agents (SSL / TLS)

Resolution

The steps listed below will generate a trusted 3rd-party certificate that the GroupWise agents can use to communicate through SSL. Please make a directory that the agents will be able to access for these certificates (i.e. /root/certs). Open a terminal window and cd to this directory.
 
  1. Download, extract and run the certificate script:
    • Download certs.tgz and unpackage: tar xzf certs.tgz
    • Run certs.sh: ./certs.sh
    • Select Generate CSR + key only for 3rd party signing
  2. Generating the Private Key and CSR:
    • Select Self-Signed Certificate
    • Private Key:
      • Provide the path for a working directory to store these certificate files in.
      • Type the pass phrase to protect the key and press [Enter]
      • Re-enter the pass phrase.
    • Certificate-Signing Request (CSR):
      • Fill in the Country Name, State or Province Name, Locality Name, Organization Name, Organizational Unit Name, Common Name, Email Address. The Common Name should be the DNS name of the server (i.e. groupwise.novell.com).
      • When asked for a Challenge password and optional company name, leave it blank.
    • Send the Certificate-Signing Request (CSR) to the third party for response files and signing.
  3. Follow TID 7013103 - How to create a .pem File for SSL Certificate Installations, requires the following files:
    • Private Key
    • Server Certificate (crt, puplic key)
    • (optional) Intermediate CA and/or bundles if signed by a 3rd party
  4. Implement the certificate, select from the following options:
    • (Option A) Configure the Agent(s) to use SSL through ConsoleOne:
      • From ConsoleOne, right-click the agent object, then click Properties.
      • Click GroupWise | SSL Settings to display the SSL Settings page.
      • Using the .pem file created in Step 3, provide the path to this file only in the Certificate field (ignoring the Key File and Set Password portion). The path is from the perspective of the agent. By default, the agent looks for the certificate file and SSL key file in the same directory where the agent executable is located, unless you provide a full path name. The Set Password field is the same password generated from Step 1.
      • If you want to define which connections use SSL, select GroupWise | Network Address and configure the SSL settings for the preferred connections. This step enables SSL on the agent for particular protocols.
      • Click OK to save your changes.
    • (Option B) See TID 7010584 - How to setup SSL certificate for apache

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7013249
  • Creation Date:11-SEP-13
  • Modified Date:24-OCT-13
    • NovellGroupWise

Did this document solve your problem? Provide Feedback