Generating a Self-Signed Certificate for the Groups Web Interface

About this task

To make an SSL connection more secure, it is recommended that you generate your own self-signed certificate. The following instructions assume that OpenSSL is installed on the system; see http://www.openssl.org/ for more information.

To generate a self-signed certificate:

Follow these steps

  1. At the command line, log in as the PureMessage user (by default "pmx6").
  2. Change to the /opt/pmx6/etc/manager/httpd2/ directory beneath the root PureMessage installation directory.
  3. Back up pmx-cert.cert and pmx-cert.pem by running the following commands:
    Example:
    mv pmx-cert.cert backup-pmx-cert.cert
    mv pmx-cert.pem backup-pmx-cert.pem
  4. Generate a new pmx-cert.pem file with the following command:
    Example:
    pmx-cert --dns=<fully qualified domain name of Groups UI server>
    --email ="<Administrator's email address>" --ip=<IP address of Groups UI server>
    --url=http://<fully qualified domain name of Groups UI server>
  5. Ensure that the SSLCertificateFile option in the /opt/pmx6/etc/manager/httpd2/ssl.conf file is set to /opt/pmx6/etc/manager/httpd2/pmx-cert.pem
  6. Restart the HTTP (RPC/UI) service with:
    Example:
    pmx-httpd stop; httpd