Environment
GWAVA (Secure Messaging Gateway) 7
GroupWise 18
GroupWise 18
Situation
You have received commercial certificates which you want to apply also for SMG appliance.
Under Modules Management -> Interfaces -> SMTP Interface Manager -> your SMTP profile -> SSL you have enabled SSL/TLS settings and filled in the certificate, the key and also a passphrase.
However, this does not seem to work and in the SMTP logs of your SMG you see complaints over starting SSL/TLS conversations with other hosts that support secured SMTP.
Resolution
There is currently a bug on SMG site affecting cases where certificates were delivered with the passphrase string.
A current workaround is to remove the passphrase from certificates.
You can use openssl tool from Linux, i.e. directky from SMG appliance.
Run this command:
openssl rsa -in [original.key] -out [new.key]
Encrypted headers look like this:
openssl rsa -in [original.key] -out [new.key]
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,
6BD407785DD187EF...
-----END RSA PRIVATE KEY-----
Unencrypted headers look like this:
-----BEGIN RSA PRIVATE KEY-----
6BD407785DD187EF...
-----END RSA PRIVATE KEY-----
openssl rsa -in [original.key] -out [new.key]
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,
6BD407785DD187EF...
-----END RSA PRIVATE KEY-----
Unencrypted headers look like this:
-----BEGIN RSA PRIVATE KEY-----
6BD407785DD187EF...
-----END RSA PRIVATE KEY-----
Additional Information
OCTIM52D112104 Unable to use SSL connections.