Environment
Novell GroupWise 8 Support Pack 1
Novell GroupWise 8 Support Pack 2
Situation
Some CA don't accept a Certificate Signing Request (CSR) generate
with the gwcsrgen utility.
Resolution
When a CA doesn't accept the CSR generated with gwcsrgen utility,
you can create a CSR and key file with openSSL.
The following steps could be a solution:
The following steps could be a solution:
- First create a CSR and a key file:
openssl req -newkey rsa:2048 -nodes -keyoutyourkey.key -outyourkey.csr
openSSL will request for more information. Please provide this information. - Send the yourkey.csr to the CA.
- For GroupWise on the key file a
password is needed. If no password has been set, the certificate
will not be used. To set the password use the following
command
openssl rsa -in yourkey.key -des -out yourkey.key - It is very likely that the file returned by the CA is in the
wrong format. To convert the file to the correct format use the
following:
openssl pkcs12 -export -in CAfile.pem -inkey yourkey.key -out yourkey.p12 -name"yourname" - Follow the instructions in the documentation to set the
Certificate for GroupWise.