SECURING


Importing an Internet certifier into the Domino Directory

To prepare to set up Notes® clients to trust a third-party Internet certifier, first import the certifier into the Domino® Directory. The Internet certifier can be one that you purchase from a CA such as VeriSign or it can be a self-signed certificate that you create yourself using a tool such as the Key and Certificate Management Tool (keytool) provided with the Sun Java™ Software Development Kit (SDK). In either case, the certificate must be based on an RSA key algorithm or you will not be able to import it. If you create a self-signed certificate, remember to specify use of the RSA key algorithm.

Procedure

1. Copy the Internet certificate file to your Domino Administrator client computer.

2. From the Domino Administrator, click the People & Groups tab and the Certificates view.

3. Click Actions -> Import Internet Certificates.

4. Browse for and open the local Internet certificate file.

5. Verify that the certificate is selected in the Open Internet Certificates box and then click Accept All.

6. Click View -> Refresh and verify that the new certificate is now displayed in the Certificates view of the Domino Directory.

Results

Next, create an Internet cross certificate for the certifier you imported.

Parent topic: Pushing trusted certificates to Notes clients

Related tasks
Creating an Internet cross-certificate in the Domino Directory from a certifier document
Pushing trusted certificates to Notes clients