Sun Java System Instant Messaging 7.2 Administration Guide

Installing the Certificate

After you receive the signed server certificate from your Certificate Authority, you need to install the certificate and create databases for secure communication.

ProcedureTo Install the Certificate for the Instant Messaging Multiplexor

  1. In a web browser, type the following URL to start the administration server:


    A window appears, prompting you for a user name and password.

  2. Type the administration user name and password you specified during the Web Server or Application Server installation.

    The Administration Server page appears.

  3. Install the server certificate.

    For more information on installing the certificate, see the Web Server or Application Server product documentation at

  4. Change to your Web Server or Application Server’s /alias directory.

  5. Copy the database files from the /alias directory to the Instant Messaging server's im-cfg-base directory.

    For example, on Solaris:

    cp https-serverid-hostname-cert8.db /etc/opt/SUNWiim/default/config/cert8.db

    cp https-serverid-hostname-key3.db /etc/opt/SUNWiim/default/config/key3.db

    cp secmod.db /etc/opt/SUNWiim/default/config/secmod.db

    and on Linux:

    cp https-serverid-hostname-cert8.db /etc/opt/sun/im/default/config/cert8.db

    cp https-serverid-hostname-key3.db /etc/opt/sun/im/default/config/key3.db

    cp secmod.db /etc/opt/sun/im/default/config/secmod.db

    Note –

    You need to allow Read permission on the cert7.db, key3.db, and secmod.db files for the system user used by the multiplexor. In addition, if you created multiple instances of Instant Messaging, the name of the /default directory will vary depending on the instance.

    See Table 3–1 for default locations for im-cfg-base.

  6. Change to your im-cfg-base on the multiplexor's host.

    See Instant Messaging Server Directory Structure for information on locating im-cfg-base.

  7. Create a file named sslpassword.conf using a text editor of your choice.

  8. Enter the following line in sslpassword.conf.

    Internal (Software) Token:password

    Where password is the password you specified when you created the trust database.

  9. Save and close sslpassword.conf.

  10. Ensure that all Instant Messenger end users have Ownership and Read permission on sslpassword.conf.

  11. Restart the multiplexor.

  12. Verify that SSL is working properly.

    You can do this a number of ways, for example by following the steps in Invoking the Secure Version of Instant Messenger.

  13. Log in to the Web Server or Application Server as an administrator.

  14. Remove the server instance that you created while requesting the certificate.