Table of contents
Secure Sockets Layer (SSL) is cryptographic protocol that encrypts the communications between the server and the browser for Web browsing. It can be also used for secure communications with LDAP, POP3, IMAP, DIIOP, and SMTP protocols. You can set up a Domino server so that clients and servers that connect to the server use SSL to ensure privacy on the network. You set up SSL on a protocol-by-protocol basis by enabling SSL for each protocol on the server document in the Domino Directory.
To set up SSL on your server, you need a server certificate (saved in a key ring) from an Internet certificate authority (CA). You can get a server certificate from either a Domino with a self-certificate or third-party CA and then install it in a key ring. A key ring
is a binary file that uniquely identifies the server. The key ring file is stored on the server's hard drive and contains a public key, name, an expiration date, and a digital signature. The key ring also contains root certificates that are used by the server to make trust decisions.
The key ring's file name is entered either on the server document, if you are not using Internet Documents or on the Web site document.
For each Web site document, enter the key ring file name, if it is to use SSL.
Web site document
For internal use or testing, you can use a server certificate created by the Domino server called a self-certificate. Since it is not one of the trusted CAs, your browser gives you a warning about trust. You can accept the certificate and you will not be prompted again. Each browser and version have a different sequence needed to accept the certificate. This may be easy for testing or a controlled group of users, but for general public use, it is best to buy a certificate from a trusted source.
Firefox warning message
Setting up SSL with a self-certified certificate