The GroupWise Mobility Service works out of the box with a self-signed certificate, but this certificate is not always picked up that well by mobile devices. We installed a wildcard godaddy certificate, read here how I did it.
(tested with a godaddy certificate which was imported to eDirectory. And tested with a Comodo certificate in P12 format)
Create an export of the public key and the private key in iManager. The file created is a .pfx file.
The Comodo certificate was in P12 format, but the actions stay the same.
Copy the file to the linux server and run the following commands:
Export the private key file from the pfx file
openssl pkcs12 -in filename.pfx -nocerts -out key.pem
Export the certificate file from the pfx file
openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem
This removes the passphrase from the private key so Apache won’t
prompt you for your passphase when it starts
openssl rsa -in key.pem -out server.key
Concatenate the certificates:
cat server.key >> cert.pem
Create a backup of:
and run the following commands:
cp cert.pem /var/lib/datasync/webadmin/server.pem
cp cert.pem /var/lib/datasync/device/mobility.pem
For mobile devices create a .cert file via:
openssl x509 -in mobility.pem -inform PEM -out mobility.cer -outform DER
and place the mobility.cer file next to the mobility.pem file in the /var/lib/datasync/device/ directory
Restart the datasync server:
Go to https://<url of the datasync-server> and check if the certificate is active.