Untitled

Set up SSL using a third-party CA on IBM Domino

I recently wrote a blog post concerning Renewing SSL Cert on IBM iSeries. Now it’s time to write one for Domino. Of course when your SSL certificate renews there is a good chance that there is more than one place it’s going to have to be updated. We had 4-6 systems that required the SSL cert to be updated when the renewal took place. These are the resources and tools I used through the process of discovering how this update is handled in Domino when you have a wildcard SSL cert and you are renewing it from your IIS server.

Three awesome resources that will help us through this process:
IBM: How to set up SSL using a third-party Certificate Authority
This is a start to finish guide for creating a key ring in Domino (if you don’t already have one) and installing the cert. It has some great information and tells you how to add SSL to your server and/or Internet Site Documents.

Gabriella Davis: Moving an IIS SSL certificate to a Domino Keyring File
This guide was the only reason I was able to get the SSL cert over into my Domino key ring. Using the ikeyman on a Windows XP I was able to follow these steps to injected the SSL cert, update the keyring, and drop it back in Domino.

Darren Duke: Exporting Domino SSL keyfiles to another format for use with IHS
I found this blog post after attending a Domino open mic session. This is the reverse of what I was trying to do but it has some great screenshots and information on ikeyman.
Hopefully you will encounter success through this process as I did. If you have any questions or comments let me know.