How to import 3rd party commercial certificates into "Messenger certificate chains"

  • 7024408
  • 04-Feb-2020
  • 04-Feb-2020


Messenger 18.2


How can I import 3rd party commercial certificates into the Messenger certificate chains


Note:  This example shown below refers to GoDaddy SSL or wildcard certificate files to illustrate this procedure :

  - Have your Server, intermediate and root certificate and .key file ready.

Procedure taken largely from :

Creating a .pem with the Entire SSL Certificate Trust Chain :

1.  Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order:

   The Primary Certificate - Server certificate 123456789012345.crt

   The Intermediate Certificate - Bundle file gd_bundle-g2-g1.crt

   The Root Certificate - gdroot-g2.crt

Make sure to include the beginning and end tags on each certificate. The result should look like this:

(Your Primary SSL certificate: your_domain_name.crt)
(Your Intermediate certificate: DigiCertCA.crt)
(Your Root certificate: TrustedRoot.crt)

2.  Save the combined file as "your_domain_name.pem". The .pem file is now ready to use.

  Import new .pem file into the Messenger certificate chain files :

3.  As a precaution, make a backup copy of the current Messenger ./certs/ directory in 
/opt/novell/messenger/certs .

4.  Copy the "your_domain_name.pem" file from above step number 2 onto the Messenger server in 
/opt/novell/messenger/certs directory .

5.  Copy your .key file into onto the Messenger server in 
/opt/novell/messenger/certs directory .

6.  Cd to your Messenger /opt/novell/messenger/ directory

7.  Execute the ./ script, when you get to the question :

"Do you want to manually configure SSL for the Messenger services?
Choose 'n' to automatically configure SSL.
Choose 'y' to configure with your own certificates (recommended).  (y/n) [y]:  "

TYPE a "y" character and press ENTER to configure your own certificates, "ENTER path to the SSL Certificate file", the .pem file you created in above step # 4.  Continue and answer the questions as appropriate.

8.  When the script is completed, Messenger will restart and have the new SSL certificate information
in it's certificate chain files.

You can confirm this with this command at the Messenger terminal as "root" :

  openssl x509 -in arangod.pem -noout -text