Create a self-signed SHA-2 certificate in IBM Domino
Tags :sys admin tips sha-2 SSL
It is possible to create a self-signed SHA-2 Internet certificate in IBM Domino. I am going to say it is worth it just to purchase one. But for a quick test server you may have to go through creating your own.
The short summary is:
- In the Domino Admin client go to Configuration > Registration > Internet Certifier
- Select the choice in the above image
- Fill in the required fields from the pop-up
- Choose the server for your CA to reside
- Choose the encryption and required RA persons
- ****Make sure to go the the Misc tab and change to RSA SHA265 and key strength 4096***
- Click OK and look for a succeed message
From here follow the normal steps for the CA task and Certificate Request database. Then place the new SSL cert information on the server and give it a HTTP restart! Keep in mind this should be only for testing or internal work and not external facing servers if possible. Use a trusted authority for that.
The long list of steps can be found right here in IBM technote 1972274