GW Messenger Certs

I am upgrading my messenger 2.1 to 2.2. I also will be creating a new Certificate Authority and new certs since our CA will expire in a couple of months. I need to create 2 certs for our Messenger.
I found how to create the first one here Support | How to create a self-signed certificate for Novell Messenger.
I still have not found how to create the second cert for ldapssl. Our current strtup.ma has the lines listed below for the cert and is working fine, but like I said it will be expiring soon. Does anyone have
Instructions on how to create the cert for the /ldapsslkey?

;------------------------------------------------------------------------
; Specifies the SSL Key file name such as gwkey.der This switch is used
; for failover mode.
;------------------------------------------------------------------------
/ldapsslkey-c:\Novell\NM\certs\Msger_enterprise.der

Thank you,
John

Tags:

  • Hi,

    You can only do the following after you have recreated your expiring CA as the ldapssl certificate is tied to that of the CA.

    In iManager go to Directory Administration | Modify Object. Browse to your Security container and select the CA for your tree. On the Certificates tab make sure that the Self Signed Certificate is selected. You may need to validate it first. Then export it in binary DER format and give it a file name. Save the file to the necessary location.

    You can do this using ConsoleOne if you would prefer.

    Perhaps for "easy" sake, just give it the same name as the existing cert - that way you don't need to update the startup file.

    Let us know how it goes.

    Cheers,
  • Laura,
    I generated the cert fine in our test environment following your instructions. Thank you for the clear instructions. I will be doing the live upgrade and do not foresee any problems.
    Our messenger is installed on a windows server. I would like to note that there are 2 strtup files. One for the messenger agent and one for the archive agent in different directories.
    I needed to modify both files for the certs. That threw me off for a bit, hope at helps someone else in the future.
    Thank You,
    John
  • Hi John,

    Thanks for the information. Glad that you came right. Thank you for posting back :)

    Cheers,
  • jjn0002;2296504 wrote:
    I am upgrading my messenger 2.1 to 2.2. I also will be creating a new Certificate Authority and new certs since our CA will expire in a couple of months. I need to create 2 certs for our Messenger.
    I found how to create the first one here Support | How to create a self-signed certificate for Novell Messenger.
    I still have not found how to create the second cert for ldapssl. Our current strtup.ma has the lines listed below for the cert and is working fine, but like I said it will be expiring soon. Does anyone have
    Instructions on how to create the cert for the /ldapsslkey?

    ;------------------------------------------------------------------------
    ; Specifies the SSL Key file name such as gwkey.der This switch is used
    ; for failover mode.
    ;------------------------------------------------------------------------
    /ldapsslkey-c:\Novell\NM\certs\Msger_enterprise.der

    Thank you,
    John


    Spent a few hours today struggling to get SSL working, but the link you provided SSL sorted in about 5mins! Cheers.
  • Hi,

    Thanks for your positive feedback - we, as a community, are here to share knowledge and learn from one another. So glad that it worked out for you.

    Cheers,