To set up Notes clients with certificates for S/MIME

The CA and client complete these steps to add a Domino Internet certificate to the Notes ID file. A Notes client can use one Internet certificate or use dual Internet certificates for S/MIME encryption and signatures.

1. Before issuing certificates, the CA must determine if Internet certificates should be created using the existing public and private keys from the Notes ID file or if the CA wants to issue certificates based on new keys generated from a browser certificate request. If clients use a browser that supports PKCS #12, clients can also import an existing Internet certificate into the Notes ID file. Depending on the environment, the administrator may choose to use a combination of these options for different users.

2. The CA adds a trusted root certificate to a Domino Directory that the client can access.

The client can also add a trusted root certificate to the Personal Address Book; however, adding a trusted root certificate to the Domino Directory simplifies the process of setting up Notes clients for S/MIME because the trusted root is accessible to many clients.

4. To create a certificate using the existing public and private keys in the Notes ID file, do the following:

1. The CA adds an Internet certificate to the Person document.
2. The client authenticates with the home server. Notes automatically merges the Internet certificate into the ID file.

1. The client requests the Internet certificate from the CA.
2. The CA approves the request, and Domino automatically adds the client's Internet certificate to the user's Person document.
3. The client merges the Internet certificate into the ID file.

See also

Setting up Notes clients for S/MIME
Adding an Internet certificate and cross-certificate for encrypted S/MIME messages
Dual Internet certificates for S/MIME encryption and signatures

Glossary

Help on Help

All Help Contents

Glossary

Help on Help