Create certificate for GroupWise with openSSL

  • 7008885
  • 23-Jun-2011
  • 27-Apr-2012

Environment


Novell GroupWise 8 Support Pack 1
Novell GroupWise 8 Support Pack 2

Situation

Some CA don't accept a Certificate Signing Request (CSR) generate with the gwcsrgen utility.

Resolution

When a CA doesn't accept the CSR generated with gwcsrgen utility, you can create a CSR and key file with openSSL.

The following steps could be a solution:
  1. First create a CSR and a key file:
    openssl req  -newkey rsa:2048 -nodes -keyoutyourkey.key -outyourkey.csr
    openSSL will request for more information. Please provide this information.
  2. Send the yourkey.csr to the CA.
  3. For GroupWise on the key file a password is needed. If no password has been set, the certificate will not be used. To set the password use the following command
    openssl rsa -in yourkey.key -des -out yourkey.key
  4. It is very likely that the file returned by the CA is in the wrong format. To convert the file to the correct format use the following:
    openssl pkcs12 -export -in CAfile.pem -inkey yourkey.key -out yourkey.p12 -name"yourname"
  5. Follow the instructions in the documentation to set the Certificate for GroupWise.