Knowledge Base

SSL Certificates Installation in Domino Go

If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see SSL Certificate CSR Creation | Lotus Domino Go.

For each of the three SSL Certificates, follow the steps below:

1. Preparing your Primary Server Certificate:

   Open your primary Certificate (your_domain_name.crt) in a text editor and save a copy of this file in .txt format. Name this file "your_domain_name.txt".

2. Preparing the Root and Intermediate CA Root Certificates:

   Open the Intermediate Root SSL Certificate (DigiCertCA.crt) in a text editor and save it by the same name but as a .txt file. Do the same thing for the Root Certificate (TrustedRoot.crt).

   Make sure your text files include the full certificate as in the example below:

   -----BEGIN CERTIFICATE-----
   text ...
   ------END CERTIFICATE-----

   Note: If you start the mkkf utility from the directory that contains your SSL Certificates, the path will not need to be included.

   1. Click R to receive an SSL Certificate into a Key Ring file.
   2. You will be prompted for the file name. Enter TrustedRoot.txt.
   3. Enter TrustedRoot for the label.
   4. Click Enter to continue.
   5. Click W to work with Keys & Certificates.
   6. Click L to select the Key to work with.
   7. Find the TrustedRoot and select S to choose that menu.
   8. Click T to mark this as a 'Trusted' root.
   9. Click Y (Yes) to confirm the request.
   10. Click Enter to return to the previous menu.

   11. Click X to exit the menu.

       Note: Repeated below for the DigiCert Intermediate Root Certificate. Must be done in the correct order as described in these instructions!

   12. Repeat from Select R using the DigiCert Intermediate SSL Certificate.
   13. Change the TrustedRoot.txt to DigiCertCA.txt.
   14. Change the TrustedRoot label to DigiCertRoot.
        

3. Installing your Primary Server Certificate:

   1. From the main menu of the MKKF utility.
   2. Click R to receive an SSL Certificate into a Key Ring file.
   3. Type the Primary Server Certificate file name: your_domain_name.txt.
   4. Click W to Work with Keys & SSL Certificates.
   5. Click L to select the Key to work with.
   6. Click N until you find the required file.
   7. Click S to Select this SSL Certificate.
   8. Click F to mark this Key as the Default Key.
   9. Click X to exit this menu.

   10. Click C to create a stash file for the Key Ring

       Note: Important Steps (Do Not Overlook)

   11. Click X to exit the menu.
   12. Click Y (Yes) to save all changes to the Key and to Confirm/Update.
        

4. Enabling SSL on your Domino Go Web Server

   1. Access your Web Server (using your browser).
   2. Click Configuration & Administration Forms.
   3. Locate Security Option.
   4. Click Security Configuration.
   5. Make certain that Allow SSL connections using Port 443 is selected.
   6. Confirm that the correct Key-Ring file is listed.
   7. Apply changes.
       

5. Restart your Lotus Domino Web Server