How to import 3rd party commercial certificates into "Messenger certificate chains"

  • Document ID:7024408
  • Creation Date:04-Feb-2020
  • Modified Date:04-Feb-2020
    • Micro Focus Products:
      GroupWise Messenger

Environment

Messenger 18.2

Situation

How can I import 3rd party commercial certificates into the Messenger certificate chains

Resolution

Note:  This example shown below refers to GoDaddy SSL or wildcard certificate files to illustrate this procedure :

  - Have your Server, intermediate and root certificate and .key file ready.

Procedure taken largely from :
https://www.digicert.com/kb/ssl-support/pem-ssl-creation.htm

Creating a .pem with the Entire SSL Certificate Trust Chain :
-------------------------------------------------------------

1.  Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order:

   The Primary Certificate - Server certificate 123456789012345.crt

   The Intermediate Certificate - Bundle file gd_bundle-g2-g1.crt

   The Root Certificate - gdroot-g2.crt


Make sure to include the beginning and end tags on each certificate. The result should look like this:

-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: your_domain_name.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: DigiCertCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: TrustedRoot.crt)
-----END CERTIFICATE-----

2.  Save the combined file as "your_domain_name.pem". The .pem file is now ready to use.



  Import new .pem file into the Messenger certificate chain files :
  ----------------------------------------------------------------

3.  As a precaution, make a backup copy of the current Messenger ./certs/ directory in 
/opt/novell/messenger/certs .

4.  Copy the "your_domain_name.pem" file from above step number 2 onto the Messenger server in 
/opt/novell/messenger/certs directory .

5.  Copy your .key file into onto the Messenger server in 
/opt/novell/messenger/certs directory .

6.  Cd to your Messenger /opt/novell/messenger/ directory

7.  Execute the ./configure.sh script, when you get to the question :

"Do you want to manually configure SSL for the Messenger services?
Choose 'n' to automatically configure SSL.
Choose 'y' to configure with your own certificates (recommended).  (y/n) [y]:  "


TYPE a "y" character and press ENTER to configure your own certificates, "ENTER path to the SSL Certificate file", the .pem file you created in above step # 4.  Continue and answer the questions as appropriate.

8.  When the configure.sh script is completed, Messenger will restart and have the new SSL certificate information
in it's certificate chain files.

You can confirm this with this command at the Messenger terminal as "root" :

  openssl x509 -in arangod.pem -noout -text