Install SSL Certificate: Lotus Domino Go

Follow these instructions to install your SSL server certificate.

Overview. You will need to import two certificates. First the root certificate and then the SSL server certificate. Both of these certificates are included in the body of the fulfillment email from GeoCerts. Both certificates are also available from your GeoCerts account.

Import and Install the GeoTrust Root CA Certificate

1. First you will need to install the GeoTrust Root CA Certificate. Copy-and-paste the root certificate from the body of the fulfillment email into a simple text editor such as Notepad.
   
   
2. Save the file to your server as geotrustroot.pem.
3. Now do the same for the SSL server certificate and to your server as yourdomain.com.pem.
4. Start the MKKF utility by typing mkkf.*Note: If you start the "mkkf" utility from the directory that contains your certificates you will not need to include the path.
5. Select O to Open an existing key ring file. Type the name of the file (usually keyfile.kyr). You will be prompted for the password.
6. Select R to Receive a certificate into the key ring file.
7. You will be prompted for the file name. Enter geotrustroot.pem.
8. Enter Equifax Secure Certificate Authority for the label.
9. Press Enter to continue.
10. Select W to Work with Keys and Certificates.
11. Select L to List/Select the key to work with.
12. Find the Equifax Secure Certificate Authority and select S to Select this menu.
13. Select T to mark this as a Trusted root.
14. Select Y to confirm this request.
15. Press Enter to return to the pervious menu.
16. Select X to Exit the menu.
17. Now install the server certificate. From the main menu of the mkkf utility, select R to Receive a certificate into a Key Ring File.
18. Enter the server certificate file name (e.g.."yourdomain.com.pem").
19. Select W to Work with Keys and Certificates.
20. Select L to List/Select the key to work with. Select N until you find the servername.key file.
21. Select S to Select this certificate.
22. Select F to mark this key as the selected default key.
23. Select X to Exit the menu.
24. Select C to Create a stash file for the key ring.
    Note: This is an important step, which is often overlooked!
25. Select X to Exit the menu.
26. Select Y to confirm this request.

Configuring Your SSL

1. Access the web server via your browser and Select Configuration and Administration Forms.
2. Scroll down to security and select Security Configuration.
3. Ensure that Allow SSL connections using port 443 is selected.
4. Ensure that the correct Key Ring file is listed.
5. Apply the changes.
6. You will need to stop and start your web server with the following commands: stopsrc -s httpd startsrc -s httpd

Test Your SSL Certificate

Test your SSL certificate by using a browser to connect to your server. Use the https protocol directive. For example, if your SSL was issued to secure.mysite.com, enter https://secure.mysite.com into your browser.

Your browser's padlock icon will be displayed in the locked position if your certificate is installed correctly and the server is properly configured for SSL.