DOMINO SERVER INSTALLATION
In order to enable SSL for Internet sites, you must configure the SSL port on the Server document and set up SSL on the server by obtaining a server certificate and key ring from an Internet certificate authority.
To set up SSL authentication, you must create a server key ring file for each Internet site document. However, if the Internet site documents are for the same organization, but are created for different protocols, a single server key ring file can be used. Be sure to enter the server key ring file name in the appropriate field on the Security tab of each site document.
If you want to use Certificate Revocation Lists (CRL) for Internet certificate authentication, the server must be using a IBM® Lotus® Domino® server-based certification authority for issuing Internet certificates.
Note For Web sites, the common name on the server key ring must match the DNS name to which the IP address in the Web Site document is mapped. The IP address must be stored in the field "Host name or addresses to map to this site," which is located on the Web Site document. If you enable Redirect TCP to SSL in a Web Site document, both the host name and the IP address must be stored in this field.
You should be familiar with SSL authentication, name and password authentication, and anonymous access before completing these steps.
To set up security for Internet site documents
Note In IBM® Lotus® Domino®, it is possible to effectively prohibit access to an Internet site by selecting "no" for all authentication options in an Internet site Document. These options include TCP authentication, SSL authentication, and TCP anonymous access.
1. From the Domino Administrator, click Configuration - Web - Internet sites.
2. Choose the Internet site document to modify, and click Edit Document.
3. Click Security, and complete these fields:
Choose one:
Related topics