Help with NetWare 6.5, GroupWise 6.5 and SSL web access

Greetings,

I am in need of some assistance with a project that I have been tasked
with.  I haven't worked with NetWare for at least four years... have
been doing the UNIX thing.

The company that I work for is using Novell NetWare 6.5 and GroupWise
6.5 for their email needs.  The issue that I'm trying to address is
related to SSL encryption between remote users and our email WebAccess
server, which is Apache 2.x running on a Novell NetWare 6.5 Server in
our DMZ.

Our server is configured to use SSL, but it's a self signed
certificate.  I have been asked to install a Chained root 128 bit
Wildcard SSL certificate.  The problem I have is this... where and how
is this done?

I have been told that I do not need to replace the current self signed
certificate because that is used for server to server communication.  I
was also told that all I had to do is enter the SSL directives in my
httpd.conf file and provide a path to the certificate and key file and
everything would be fine.

I used the GWCSRGEN.exe utility to generate the .csr file and sent it
off for signing.

I have tried this using the following syntax in my httpd.conf file:

SSLCertificateFile \apache2\conf\public.crt
SSLCertificateKeyFile \apache2\conf\public.key
SSLCACertificateFile \apache2\conf\chain.crt

Any help would be greatly appreciated.

0
CL
3/14/2005 5:47:49 PM
novell.groupwise.6x.web-access 3846 articles. 0 followers. Follow

1 Replies
818 Views

Similar Articles

[PageSpeed] 57

CL wrote:

> Our server is configured to use SSL, but it's a self signed
> certificate.  I have been asked to install a Chained root 128 bit
> Wildcard SSL certificate.  The problem I have is this... where and how
> is this done?

You need to create a CSR with consoleone, then send it off to the 
authority to gen your cert. When they return it, you import it back into 
eDirectory. What you end up with is a KMO (key material object) 
representing your woldcard cert.

> I have been told that I do not need to replace the current self signed
> certificate because that is used for server to server communication.  I
> was also told that all I had to do is enter the SSL directives in my
> httpd.conf file and provide a path to the certificate and key file and
> everything would be fine.

This is incorrect. You say you want to secure the link between browser 
and web server, correct? If so, then you DO need a real cert, unless you 
want to put up with the browser complaint that the novell cert is not 
signed by a trusted authority...

> I used the GWCSRGEN.exe utility to generate the .csr file and sent it
> off for signing.
> 
> I have tried this using the following syntax in my httpd.conf file:
> 
> SSLCertificateFile \apache2\conf\public.crt
> SSLCertificateKeyFile \apache2\conf\public.key
> SSLCACertificateFile \apache2\conf\chain.crt

gwcsrgen is ONLY used when you need to mint certificates to SSL-ize the 
links between various *groupwise* objects (eg, webaccess agent to poa, 
poa to mta, etc). It does *not* have anything to do with securing 
browser-to-web server, which is what you want.

For instructions on creating the CSR with consoleone, check here

http://www.digicert.com/csr-creation-novell-consoleone.htm

Once you get the CSR back from the authority, use these instructions to 
import it:

http://www.digicert.com/ssl-certificate-installation-novell-consoleone.htm

Once THAT is done, you simply edit the apache conf file to point the 
SecureListen directive at the name of your new KMO (certificate)

-- 
Jim
NSC SYsop
0
Jim
3/14/2005 7:17:21 PM
Reply:

Web resources about - Help with NetWare 6.5, GroupWise 6.5 and SSL web access - novell.groupwise.6x.web-access

GroupWise - Wikipedia, the free encyclopedia
GroupWise is a messaging and collaboration platform from Novell that supports email , calendaring , personal information management , instant ...

BlackBerry Enterprise IM Clients (OCS, Sametime, GroupWise) Get v2.5 Update
Most of RIM's enterprise-specific BlackBerry instant messaging and collaboration clients have been updated to version 2.5, adding credence to ...

Los Angeles goes Google; dumps GroupWise; shuns Microsoft; ignores IBM
The City of Los Angeles has had it with GroupWise, and will replace it with Google Apps. It's a big win for la GOOG, especially as it beat Microsoft ...

Collaboration: Novell Releases GroupWise 2014
Novell has put the finishing touches on GroupWise 2014, marking the first time the company has updated the collaboration platform since 2012. ...

Novell GroupWise goes mobile with iPhone support
The company’s new mobile solution will work with any ActiveSync-enabled device Novell's messaging and collaboration platform, GroupWise, has ...

No One Cares That Novell Has A New Version of GroupWise
Today Novell released its 2012 version of its email software GroupWise , and the announcement was greeted by most with a big yawn. GroupWise? ...

Kernel for Novell GroupWise to Outlook
Kernel for Novell GroupWise to Outlook is a professional tool for the migration of GroupWise mailboxes to MS Outlook. Many GroupWise...

App Store - DejaOffice
Get DejaOffice on the App Store. See screenshots and ratings, and read customer reviews.

Email - Wikipedia, the free encyclopedia
Electronic mail , commonly known as email or e-mail , is a method of exchanging digital messages from an author to one or more recipients. Modern ...

SBS looks to Cloud services - cloud computing, email, GroupWise, Klaus Schelp, Microsoft Office 365 ...
When Klaus Schelp started at SBS at the beginning of this year he focused on business outcomes ahead of technology operations. As the head of ...

Resources last updated: 1/18/2016 11:03:31 PM