Lotus Domino Administrator 8.5 Help - Pushing certificates to clients through security policy settings

SECURITY

Pushing certificates to clients through security policy settings
If you have created a cross-certificate in the Domino Directory for an Internet certifier or Lotus Notes certifier, you can use security policy settings to push it to Lotus Notes clients' Contacts. You can optionally push an Internet certifier too. Users can view the cross-certificate or certifier in Contacts but cannot edit or delete it.

Perform the following steps:

1. Create or edit a security policy settings document.

2. Click the Keys and Certificates tab.

3. In the "Administrative trust defaults" section, click Update Links, select one of the following options, and click OK:

To push all Lotus Notes cross-certificates, Internet cross-certificates, and Internet certifiers in the Domino Directory to clients, select "All supported."
To push specific certificates, for example, specific cross-certificates only, select "Selected supported" and select each certificate to push.

4. Save the modified document.

Changes to certificates in the Domino Directory or to the trust configuration in a security policy settings document causes automatic updates to clients as follows:

Updating a certifier or cross-certificate in the Domino Directory updates it on clients that trust the certifier through policy.
Deleting a certifier or cross-certificate from the Domino Directory deletes it from the policy configuration and from clients.
Pushing a certifier or cross-certificate through policy overrides any versions that existed on clients prior to policy configuration.
Removing a certifier or cross-certificate from the policy configuration removes it from clients.

Customizing an install kit to set certifier and trust defaults

Pushing trusted certificates to Lotus Notes clients

Glossary

Feedback on Help or Product Usability?

Help on Help

All Help Contents

Glossary