NOTES CLIENT INSTALLATION AND UPGRADE

Using Domino policy to set or verify trust
Occasionally, during IBM® Lotus® Notes® install or update, a security problem is encountered for a feature or plug-in. Either a JAR file is unsigned, not signed with a trusted certificate, or the certificate has either expired or is not yet valid. You can establish a policy for never installing these plug-ins, always installing them, or asking users to decide at the time the plug-in is installed.

Note IBM® Lotus® Domino® Domino policy takes precedence over Eclipse preferences. Eclipse preferences reside in the plugin_customization.ini file.

Note Features and plug-ins being installed as part of Notes install or upgrade must be signed. Features and plug-ins being deployed to an existing Notes install, for example using a widget, should be signed by a trusted certifier.

Administrative trust defaults can be pushed to clients using Domino policy settings in the "Administrative trust defaults" page on the security policy document's Keys and Certificates tab.

Note Alternatively, administrative trust defaults can be configured as part of the deploy.nsf in an install kit or in an installed deploy.nsf on disk.

To configure a policy for signed Eclipse™ plug-ins, complete the following fields on the Domino Administrator client Signed Plugins tab.

To configure a policy for signed Eclipse™ plug-ins, complete the following fields on the Domino Administrator client Signed Plugins tab. The options for each of the following fields are to ask the user, never install, or always install.


Related topics