SECURING


Configure the Certificate Store database (certstore.nsf) on Web servers

Run certmgr on Web servers in the domain to create replicas of certstore.nsf on them.

About this task

Run certmgr on Domino 12 (or higher) Web servers in the domain. The CertMgr task automatically connects to the CertMgr server and creates a replica of the certstore.nsf database on the Web servers. CertMgr on these servers operates as a CertMgr client and replicates certstore.nsf automatically with the initial CertMgr server. After certstore.nsf is present on a server, a TLS cache, used to manage TLS credentials, is loaded automatically when you start any internet server task, like HTTP. Any update to the certstore.nsf database on a server dynamically reloads the TLS cache.

Note: Running CertMgr on the Web servers is optional. You can instead create the certstore.nsf replica manually and replicate it with your standard replication schedule. Replicating certstore.nsf manually is required on IBM i platforms, which do not come with CertMgr.

Parent topic: Managing TLS certificates with Certificate Manager