[ngw] Admin service SSL certificate questions
James.Taylor at eastcobbgroup.com
Thu Jun 22 17:49:12 UTC 2017
Try adding a -CAfile switch point to the CA cert file.
james.taylor at eastcobbgroup.com
>>> "David Gerisch" <DGerisch at co.tulare.ca.us> 6/22/2017 1:31 PM >>>
I forgot to mention that the command to check what the server sees is an
openssl s_client -host <insert hostname here> -port 9710
After it goes through checking, and reporting what SSL certificates are
being used, you will have to hit Control-C to break out.
>>> "David Gerisch" <DGerisch at co.tulare.ca.us> 6/22/2017 10:25 AM >>>
I'm trying to do some scripting against the GroupWise Administration
Service, and I'm running into SSL errors, because my certificates
configured correctly (apparently). Two questions:
Question 1) If the primary domain admin service certificate has a
common name of CN=TULARE_COUNTY-CA but my post office server admin
service certificate says CN=INSTALL-CA - is that probably the source
my problem? The post office server says the certificate chain
and the primary domain admin service certificate is none of those.
problem that I'm getting is that during the SSL negotiation phase of
connecting to the admin service on the local machine, I get
Question 2) It doesn't look very hard to replace the certificates -
what are the implications / side effects?
It looks like all I have to do is run gwadminutil-certinst per the
documentation. But I don't know if that's going to cause any
or need any sort of service restarts or such. Does it affect the way
clients connect to the POA?
More information about the ngw