Novell GroupWise Messenger 2
SSL for GroupWise Messenger not working
Here is a list of troubleshooting steps that can be taken to determine if SSL is correctly configured on GroupWise Messenger.
- First step to do is temporarily disable SSL authentication in the messenger startup file to verify Messenger agent can start and authenticate without SSL over port 389
- The default location for this is under /etc/opt/novell/messenger. Open and modify the strtup.ma file
- Search for the switch --ldapport=636 and change it to --ldapport=389
Restart Messenger agent with ./novell-nmma restart to see if it's able to authenticate, if so, this tells there is either an issue with LDAP listening over this port or bad certificates
Next type ldapsearch -x -H ldaps://<ipaddress> into the terminal to see if ldap is listening over port 636. Type the ldapserver IP in place of <ipaddress>
If the console starts getting flooded with text, then ldap is reading over port 636. Type ctrl+c to exit the ldapsearch. If ldap is not reading over 636, it's generally an issue with certificates either being bad, expired, or they've been replaced but not updated in the opt/novell/messenger/certs folder
- Verify the certicates for this ldapserver are valid and not expired
- If they're good, try exporting the certificate and copying to /opt/novell/messenger/certs
- Try another ldapsearch -x -H ldaps://<ipaddress>
If getting a flood of text, it tells us ldap is able to read over secure port 636. Press ctrl+c to exit the ldapsearch
- Make sure to change the ldap port back to 636 in the strtup.ma file
- Restart Messenger
Usually the certificate is either bad/expired or has been updated but not exported and copied over tot he /opt/novell/messenger/certs location.