Server Certificates And Ssl Encryption; Generating A Certificate Signing Request - Novell GROUPWISE 7 - SECURITY ADMINISTRATION Manual
Hide thumbs
Also See for GROUPWISE 7 - SECURITY ADMINISTRATION:
- Installation manual (328 pages) ,
- Installation and administration manual (108 pages) ,
- Manual (74 pages)
Table of Contents
Advertisement
71.2 Server Certificates and SSL Encryption
You should strengthen native GroupWise encryption with Secure Sockets Layer (SSL)
communication between servers where GroupWise agents are installed. If you have not already set
up SSL on your system, you must complete the following tasks:
Section 71.2.1, "Generating a Certificate Signing Request," on page 1119
Section 71.2.2, "Using a GWCSRGEN Configuration File," on page 1120
Section 71.2.3, "Submitting the Certificate Signing Request to a Certificate Authority," on
page 1121
Section 71.2.4, "Creating Your Own Certificate," on page 1121
Section 71.2.5, "Installing the Certificate on the Server," on page 1123
Section 71.2.6, "Configuring the Agents to Use SSL," on page 1123
If you have already set up SSL on your system and are using it with other applications besides
GroupWise, skip to
Section 71.2.6, "Configuring the Agents to Use SSL," on page
71.2.1 Generating a Certificate Signing Request
Before the GroupWise agents can use SSL, you must create a Certificate Signing Request (CSR) and
obtain a public certificate file. The CSR includes the hostname of the server where the agents run.
Therefore, you must create a CSR for every server where you want the GroupWise agents to use
SSL. However, all GroupWise agents running on the same server can all use the same resulting
certificate, so you do not need separate CSRs for different agents. The CSR also includes your
choice of name and password for the private key file that must be used with each certificate. This
information is needed when configuring the agents to use SSL.
One way to create a CSR is to use the GWCSRGEN utility. This utility takes the information you
provide and creates a .csr file from which a public certificate file can be generated.
1 Start the GroupWise Generate CSR utility.
Linux:
The utility (gwcsrgen) is installed to the /opt/novell/groupwise/agents/bin
directory. You must be logged in as root to start the utility.
Windows:
The utility (gwcsrgen.exe) is located in the \admin\utility\gwcsrgen
directory either on the GroupWise 7 Administrator for NetWare/Windows CD or in the
GroupWise software distribution directory.
1123.
Encryption and Certificates 1119
Advertisement
Table of Contents
Need help?
Do you have a question about the GROUPWISE 7 - SECURITY ADMINISTRATION and is the answer not in the manual?