1. Make sure you created a CA key ring file and certificate.

2. From the Domino Administrator, click Files, and open the Domino Certificate Authority application.

3. Click Configure Certificate Authority Profile.

4. If necessary, enter the CA key ring path and file name in the CA Key File field. By default, Notes looks for the key ring file on the local hard drive. You can also specify a network drive accessible to other administrators.

5. Enter the TCP/IP DNS name of the server that runs the CA application in the Certificate Server DNS name field. Domino uses this name to indicate where to pick up signed certificates in the messages sent to administrators and clients.

The following fields set default values for the Approved Client Certificates screen. You can override these when approving a certificate.

Field	Action
Use SSL for certificate transactions?	Choose one: Yes (default) to specify whether the e-mail message generated during the security request process includes a reference to the SSL port for secure certificate pick-up. No to specify SSL will not be used.
Certificate Server port number	Enter the number of the TCP/IP port for the server. Domino uses this port when sending an e-mail notification to clients to pick up certificates. The default is 80.
Mail confirmation of signed certificate to requester?	Choose one: Yes to generate an e-mail confirmation for a signed certificate request. No (default) to not send the confirmation.
Submit signed certificates to AdminP for addition to the Directory?	Choose one: Yes (default) to submit the signed certificate request to the Administration Process, which then stores this certificate in the Domino Directory. No to not submit the certificate.
Default validity period	Specify the period, in years, for which the signed certificate is valid. Default is 2 years.

7. Set up SSL on the CA server.

Related topics

Creating a CA key ring file and certificate
Setting up SSL on the CA server
Setting up a Domino 5 certificate authority

Glossary