How to Add a SSL Certificate to the Secure Messaging Gateway Server

  • 7023454
  • 18-Oct-2018
  • 18-Oct-2018

Environment

GWAVA (Secure Messaging Gateway) 7

Situation

How do I add a SSL certificate to the SMG server?

Resolution

SMG requires that you have a key and crt file in order to use SSL for incoming and outgoing messages with TLS.

Tip: For ease, and convenience it is recommended to copy the .key and .crt files to the SMG server. Go to /opt/gwava and create a directory called certs (make sure you have root access after logging in as the gwava user. You can do this by typing: sudo su ) Place all the SSL files in the directory. This makes it easy to know where the SSL files are located, and to add in the path into the SMG configuration. It is also helpful if you need to contact support.

1) You will need a .crt and .key file.

You can use certificate files that are already in use in your system or you can create new ones.
If you need help creating these files follow the steps in the following article:

Generating A Certificate - SSL

2) Copy the certificate and key files to the SMG server.

The default location to place these files on the server is /opt/gwava/certs.
If this directory does not exist it can be created. It is not required to place the files in this location. They can be put in any folder as long as the path to the files is known.

Note: When using winscp, you will have to place them in the /home/gwava directory since you can't gain root access with this tool. Then you can move them from the prompt to the certs directory by typing: mv <filename> /opt/gwava/certs .

3) Configure their location in the SMG System Administration web page.
Go to Module Management | Interfaces | SMTP Interface Manager | SMTP Interface | SSL

Add the exact path where the .crt and .key files are located in the 'SSL certificate file' and 'SSL key file' fields and add the key password to 'SSL pass phrase' field if required.



Save the changes.

An intermediate certificate can be added optionally as well. Make sure to add all files for the intermediate certificate to the certs directory, as well as adding the path in the 'SSL certificate chain file' field.

The cipher list is also optional.

4) Restart all the modules by going to Module Management | Module Status and click on Restart All.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.