To Configure MMP with SSL

Steps

1. If you have installed the Admin Server, use the Admin Console to install an SSL server certificate. Otherwise use the NSS tools to do this. See Network Security Services Tools

   See Managing Servers with iPlanet Console 5.0.

2. If you have installed the Admin Server, from the command line, make the following symbolic links to simplify things:

   cd msg_svr_base/config ln -s /var/mps/serverroot/alias/admin-serv-instance-cert7.db cert7.db ln -s /var/mps/serverroot/alias/admin-serv-instance-key3.db key3.db

   Also, make sure that those files are owned by the system ID under which the MMP will run. current version of Messaging Server supports the new certificate database format (cert8.db).

3. Since the sslpassword.conf file is set during the initial Messaging Server runtime configuration, you do not need to set one up. See Creating the Initial Messaging Server Runtime Configuration

   ---

   Note –

   An alternative approach to steps 1-8 is to copy the following files: cert7.db, key3.db, secmod.db, and sslpassword.conf from an existing Messaging or Directory Server. These servers must have a server certificate and a key appropriate for the same domain already installed.

   ---

4. Edit the ImapProxyAService.cfg file and uncomment the relevant SSL settings.

5. If you want SSL and POP, edit the PopProxyAService.cfg file and uncomment the relevant SSL settings.

   Additionally, you must edit the AService.cfg file and add |995 after the 110 in the ServiceList setting.

6. Make sure that the BindDN and BindPass options are set in the ImapProxyAService.cfg and PopProxyAService.cfg files.

   You should also set the DefaultDomain option to your default domain (the domain to use for unqualified user names).

   If you just want server-side SSL support, you are finished. Start the MMP with the following command in the msg_svr_base/sbin directory:

   start-msg mmp