If you have created a cross-certificate in the Domino® Directory for an Internet certifier or Notes® certifier, you can use security policy settings to push it to Notes clients' Contacts. You can optionally push an Internet certifier too. Users can view the cross-certificate or certifier in Contacts but cannot edit or delete it.

About this task

Changes to certificates in the Domino Directory or to the trust configuration in a security policy settings document causes automatic updates to clients as follows:

• Updating a certifier or cross-certificate in the Domino Directory updates it on clients that trust the certifier through policy.
• Deleting a certifier or cross-certificate from the Domino Directory deletes it from the policy configuration and from clients.
• Pushing a certifier or cross-certificate through policy overrides any versions that existed on clients prior to policy configuration.
• Removing a certifier or cross-certificate from the policy configuration removes it from clients.

Procedure

1. Create or edit a security policy settings document.

2. Click the Keys and Certificates tab.

3. In the Administrative trust defaults section, click Update Links, select one of the following options, and click OK:

• To push all Notes cross-certificates, Internet cross-certificates, and Internet certifiers in the Domino Directory to clients, select All supported.
• To push specific certificates, for example, specific cross-certificates only, select Selected supported and select each certificate to push.

Parent topic: Pushing trusted certificates to Notes clients

Related tasks
Creating a security policy settings document
Customizing a Notes install kit to set certifier and trust defaults
Pushing trusted certificates to Notes clients

Help on Help

All Help Contents

Help on Help