Support Desk

Generate CSR Lotus Domino

Follow these instructions to generate a Key Ring and CSR.

  1. From the Notes client, open the Server Certificate Admin application on the server for which you want to enable SSL.
  2. Click Create Key Ring.
  3. Enter the following information:
    • Key Ring File Name: The default is KEYFILE.KYR. It's helpful to use the extension .KYR to keep key ring file names consistent.
    • Key Ring Password: Enter a password for the key ring.
    • Key Size: Enter 2048
    • Common name: Enter the server's TCP/IP fully-qualified domain name -- for example, www.acme.com. Set up the server certificate so that the common name matches the host name since some browsers check for this match before allowing a connection.
    • For Organization, Locality, Country, etc. refer to the CSR legend on the righ-hand side of this page for instructions.
  4. Click Create Key Ring.
  5. After you read the information about the key ring file and distinguished name, click OK. Notes creates the key ring file and stash (.STH) file and places them in the Notes data directory on the client machine used to create the key ring.
  6. Copy the key ring file and stash (.STH) file to the Domino data directory on the server.
  7. Now that you have a Key Ring you can generate the Certificate Signing Request (CSR). Select Create Certificate Request and provide the inputs as indicated; you will be asked for the Key Ring password you entered above.
  8. For the Method field choose "Paste into form on CA's site (recommended)"
  9. Open and copy the entire contents of the file you just used to generate your CSR.
  10. Save a copy of your CSR. The CSR will be needed during the online order process. You'll be asked to copy-and-paste your CSR into a special CSR box.

    Below is an example of what your CSR will look like. This is a example only and cannot be used to generate your SSL certificate.
    -----BEGIN CERTIFICATE REQUEST----- MIIB3zCCAUgCAQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdHZW9yZ2lhMRAw DgYDVQQHEwdBdGxhbnRhMREwDwYDVQQKEwhHZW9DZXJ0czEaMBgGA1UECxMRSW5l cm5ldCBNYXJrZXRpbmcxGTAXBgNVBAMTEHd3dy5nZW9jZXJ0cy5jb20xITAfBgkq hkiG9w0BCQEWEmFkbWluQGdlb2NlcnRzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB jQAwgYkCgYEA5KOi+RnRzBuBQeFYjrwZg1sfT7zr4L8j0Khuoj621x+lGBmFC76c kGclUIQBmuyp9T9NrNqAjGtEmgdFr6cWLJtgXgi+BaZDLX9BMYF49NuTggNoEUMX crQRAENHb2YthG2SEcF5p98RNcDPzWOA3a4AMvgkxDlDGYUhbcQhnt0CAwEAAaAA MA0GCSqGSIb3DQEBBAUAA4GBAIapt6Tw0BTYUwEAX0/oKvaaN/ghErR85jdW7xOD b1hL0yNfb495A7e/IQyBEP5a/v+QUOtibHS4geiPhH9etAI+DSQmctjbf6dMGJql gCXGwlsTbjPOSmNT+/X2Uvf1BlplwqAMDghEuFHsjshlypz1NEg94ri2K9N1VrBs
    +iAv
    -----END CERTIFICATE REQUEST-----