SECURING
If your HCL Domino server is connected to the internet over outgoing port 443 and incoming port 80/443, you can request a certificate from the Let's Encrypt CA for the server with the CertMgr command.
About this task
This command requests a certificate using an HTTP-01 challenge.
Procedure
Run the following command at the server console:
load certmgr -ACCEPT_TOU_AUTO_CONFIG
Note: This command is equivalent to:
load certmgr -r -c -o -y -ACCEPT_TOU
Results
CertMgr loads and completes the following steps:
1. Accepts the terms of operations for Let's Encrypt (-ACCEPT_TOU).
2. Creates certstore.nsf.
3. Determines the host name of the machine and requests a first certificate (-r).
4. Starts HTTP (-o) or restarts HTTP if already running (-c).
5. Runs the ACME protocol operations to request a certificate from the Let's Encrypt CA.
This same certificate request scenario can be automated using the following notes.ini settings:
CertMgr_ACCEPT_TOU=1CertMgr_AutoRequestCert=1CertMgr_AutoConfigHttp=1
Parent topic: Managing certificates with the Let's Encrypt CA
Related concepts CertMgr command line parameters CertMgr notes.ini settings