logo

More on Secure Domino

Having read books about cryptography I understand the basics of the theory behind public-key authentication. This morning I've been reading the Domino Admin "help" files and finding the practice a lot harder to get my head round.

That said, with a lot of guess-work, re-reading and Googles I've managed to get my first secure connection to a Domino DB. And it's not even 11am yet!

Domino SSL connection

When I mentioned Domino & SSL the other week I had no idea it was such a popular subject. It's a shame then that it's another area in which the help files let us down. They miss bits out, assume we know alsorts of stuff and list the really important steps without any emphasis. I know there's an argument that you shouldn't be messing with server configuration if you don't know what you're doing. But, not all companies have an experienced admin (and not all admins are experienced ;-), often leaving it in the hands of the developer to setup.

For want of anything better I am going to make an article out of the steps required. Written from a developer's point of view I'll try and make it as simple as possible to follow.

There are two ways to do this. One is to create your own Certificate Authority (CA) in Domino. This creates a certificate that the browser doesn't know to trust and so you see a security alert until you choose to trust it. The other way is to buy a certificate from a trusted CA. The steps involved are different. So, before I write the article, I will probably get hold of a cheap one and see how to get automatically trusted SSL connections to Domino...

Comments

    • avatar
    • Mike Smith
    • Wed 6 Oct 2004 07:30

    Bravo. Can't wait.

    • avatar
    • Dan
    • Wed 6 Oct 2004 08:06

    {Link}

    Jake,

    Check out Julian's article on GoDaddy.

    • avatar
    • Jono
    • Wed 6 Oct 2004 08:49

    Nice one Jake, look forward to it.

  4. Giddy with anticipation. :-)

  5. Jake -

    As a starting point for using "trusted" certificates, there are some decent instructions on the Verisign site:

    {Link}

    {Link}

    Good luck. I think that installing an SSL certificate is either something that works right the first time, or it takes all weekend.

    - Julian

    • avatar
    • Jason
    • Wed 6 Oct 2004 16:36

    Excellent Jake ... I cant wait to see someone else try and get their head around it !!

    • avatar
    • Jake
    • Wed 6 Oct 2004 16:56

    Thanks Julian. Here's another one on another site - {Link}

    Hopefully my article will be somewhere between these overly simplistic approaches and the mind-swamp of the Admin Help files.

  8. Mind swamp... I'm going to have to remember that one. :-)

  9. Hi Jake,

    Thanks for the free help providing for Domino community.

    Appreciate if you can provide suggestions/comments/links on how to remove those Security alerts when we access SSL enabled site.

Your Comments

Name:
E-mail:
(optional)
Website:
(optional)
Comment:


About This Page

Written by Jake Howlett on Wed 6 Oct 2004

Share This Page

# ( ) '

Comments

The most recent comments added:

Skip to the comments or add your own.

You can subscribe to an individual RSS feed of comments on this entry.

Let's Get Social


About This Website

CodeStore is all about web development. Concentrating on Lotus Domino, ASP.NET, Flex, SharePoint and all things internet.

Your host is Jake Howlett who runs his own web development company called Rockall Design and is always on the lookout for new and interesting work to do.

You can find me on Twitter and on Linked In.

Read more about this site »

More Content