How to change the SSL Certificate on SLES 9 for GroupWise WebAccess (novell-httpd)
(Last modified: 10Jan2006)
This document (10096824) is provided subject to the disclaimer at the end of this document.
goal
How to change the SSL Certificate on SLES 9 for GroupWise WebAccess (novell-httpd)
How to set up the SSL Certificate on SLES 9 for GroupWise WebAccess (novell-httpd)
fact
Novell Suse Linux Enterprise Server 9
Novell eDirectory 8.7.3
Novell GroupWise 6.5
symptom
The name on the Security Certificate is invalid or does not match the name of the site
fix
Since GroupWise installs a separate instance of Apache and Tomcat, configuring or changing the SSL Certificate for this instance of Apache and Tomcat is slightly different. Follow the steps listed below on SLES with GroupWise WebAccess Agent and Application installed.
Please follow all the steps if you wish to generate a Certificate and sign it using Novell Certificate Server. Please follow steps 17-29 if you already have a Certificate file and a Key file.
2. Type "sux -"
3. Enter root's password
4. Type "cd /etc/opt/novell/httpd/conf/ssl.crt" without the quotes and press Enter
5. Type "openssl genrsa -out privkey.pem" without the quotes and press Enter
6. Type "openssl req -new -key privkey.pem -out cert.csr" without the quotes and press Enter
7. Fill in the Country Name. State or Province Name, Locality Name, Organization Name, Organizational Unit Name, Common Name, E-mail Address, Challenge Password and an Optional Company Name. (All of the fields can be left blank. Give importance while entering Common Name. For eg. If domain name is www.novell.com, Enter www.novell.com in Common Name)
8. Switch to ConsoleOne
9. Click Tools | Issue Certificate
10. Browse to "/etc/opt/novell/httpd/conf/ssl.crt/cert.csr" and click Next
11. Select "Organizational certificate authority" and click Next
12. Select "SSL or TLS" and click Next
13. Click Next or change the Validity period and click Next. The default is 1 year
14. Click Finish
15. Select "File in Base64 format" and provide the path "/etc/opt/novell/httpd/conf/ssl.crt/Cert.b64"
16. Click Save
17. Switch back to a Shell-Konsole
18. Type "cd /etc/opt/novell/httpd/gconf.d" without quotes and press Enter
19. Type "vi sslvhost.conf" without the quotes and press Enter
20. Comment out "SSLCertificateFile /etc/opt/novell/httpd/conf/ssl.crt/server.pem" line by inserting a # symbol at the beginning of the line
21. Below the above line type "SSLCertificateKeyFile /etc/opt/novell/httpd/conf/ssl.crt/privkey.pem" without the quotes (This path should point to the Key file which may have any other extension than pem)
22. Below the above line type "SSLCertificateFile /etc/opt/novell/httpd/conf/ssl.crt/Cert.b64" without the quotes (This path should point to the Certificate file which may have any other extension than b64)
23. Save the file
24. Type "cd /etc/rc.d/" without quotes and press Enter
25. Type "vi novell-httpd" without quotes and press Enter
26. Search for the line that begins with KEYFILE and change it to
KEYFILE=/etc/opt/novell/httpd/conf/ssl.crt/privkey.pem (This path should point to the Key file which may have any other extension than pem)
27. Save the file
28. Restart the WebServer by typing "/etc/rc.d/novell-httpd restart" without the quotes
document
| Document Title: | How to change the SSL Certificate on SLES 9 for GroupWise WebAccess (novell-httpd) |
| Document ID: | 10096824 |
| Solution ID: | NOVL101225 |
| Creation Date: | 03Mar2005 |
| Modified Date: | 10Jan2006 |
| Novell Product Class: | GroupWise Client/Admin |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.