SSL Certificates Installation in Domino Go
If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see SSL Certificate CSR Creation | Lotus Domino Go.
For each of the three SSL Certificates, follow the steps below:
Preparing your Primary Server Certificate:
Open your primary Certificate (your_domain_name.crt) in a text editor and save a copy of this file in .txt format. Name this file "your_domain_name.txt".
Preparing the Root and Intermediate CA Root Certificates:
Open the Intermediate Root SSL Certificate (DigiCertCA.crt) in a text editor and save it by the same name but as a .txt file. Do the same thing for the Root Certificate (TrustedRoot.crt).
Make sure your text files include the full certificate as in the example below:
-----BEGIN CERTIFICATE-----
text ...
------END CERTIFICATE-----
Note: If you start the mkkf utility from the directory that contains your SSL Certificates, the path will not need to be included.
- Click R to receive an SSL Certificate into a Key Ring file.
- You will be prompted for the file name. Enter TrustedRoot.txt.
- Enter TrustedRoot for the label.
- Click Enter to continue.
- Click W to work with Keys & Certificates.
- Click L to select the Key to work with.
- Find the TrustedRoot and select S to choose that menu.
- Click T to mark this as a 'Trusted' root.
- Click Y (Yes) to confirm the request.
- Click Enter to return to the previous menu.
Click X to exit the menu.
Note: Repeated below for the DigiCert Intermediate Root Certificate. Must be done in the correct order as described in these instructions!
- Repeat from Select R using the DigiCert Intermediate SSL Certificate.
- Change the TrustedRoot.txt to DigiCertCA.txt.
- Change the TrustedRoot label to DigiCertRoot.
Installing your Primary Server Certificate:
- From the main menu of the MKKF utility.
- Click R to receive an SSL Certificate into a Key Ring file.
- Type the Primary Server Certificate file name: your_domain_name.txt.
- Click W to Work with Keys & SSL Certificates.
- Click L to select the Key to work with.
- Click N until you find the required file.
- Click S to Select this SSL Certificate.
- Click F to mark this Key as the Default Key.
- Click X to exit this menu.
Click C to create a stash file for the Key Ring
Note: Important Steps (Do Not Overlook)
- Click X to exit the menu.
- Click Y (Yes) to save all changes to the Key and to Confirm/Update.
Enabling SSL on your Domino Go Web Server
- Access your Web Server (using your browser).
- Click Configuration & Administration Forms.
- Locate Security Option.
- Click Security Configuration.
- Make certain that Allow SSL connections using Port 443 is selected.
- Confirm that the correct Key-Ring file is listed.
- Apply changes.
Restart your Lotus Domino Web Server