For each of the three SSL Certificates, follow the steps below:
-
Preparing your Primary Server Certificate:
Open your primary Certificate (your_domain_name.crt) in a text editor and save a copy of this file in .txt format. Name this file "your_domain_name.txt".
-
Preparing the Root and Intermediate CA Root Certificates:
Open the Intermediate Root SSL Certificate (E-Tugra_root.crt) into a text editor and save by the same name but as a .txt file. Do the same thing for the Root Certificate (TrustedRoot.crt).
Make sure sure your text files include the full certificate as in the example below:
-----BEGIN CERTIFICATE-----
text ...
------END CERTIFICATE-----Note: If you start the mkkf utility from the directory that contains your SSL Certificates the path will not need to included.
- Click R to Receive an SSL Certificate into a Key Ring file.
- You will be prompted for the file name. Enter TrustedRoot.txt.
- Enter TrustedRoot for the label.
- Click Enter to continue.
- Click W to work with Keys & Certificates.
- Click L to Select the Key to work with.
- Find the TrustedRoot and select S to chose that menu.
- Click T to mark this as a 'Trusted' root.
- Click Y (Yes) to confirm the request.
- Click Enter to return to the pervious menu.
-
Click X to Exit the menu.
Note: Repeated below for the E-Tugra Intermediate Root Certificate. Must be done in the correct order as described in these instructions!
- Repeat from Select R using the E-Tugra Intermediate SSL Certificate.
- Change the TrustedRoot.txt with E-Tugra_root.txt.
- Change the TrustedRoot label with E-Tugra_root.
-
Installing your Primary Server Certificate:
- From the main menu of the mkkf utility.
- Click R to Receive an SSL Certificate into a Key Ring file.
- Type the Primary Server Certificate file name: your_domain_name.txt.
- Click W to Work with Keys & SSL Certificates.
- Click L to Select the Key to work with.
- Click N until you find the required file.
- Click S to Select this SSL Certificate.
- Click F to mark this Key as the Default Key.
- Click X to Exit this menu.
-
Click C to Create a stash file for the Key Ring
Note: Important Steps (Do Not Overlook)
- Click X to Exit the menu.
- Click Y (Yes) to save all changes to the Key and to Confirm/Update.
-
Enabling SSL on your Domino Go Web Server
- Access your Web Server (using your browser).
- Click Configuration & Administration Forms.
- Locate Security Option.
- Click Security Configuration.
- Make certain that Allow SSL connections Using Port 443 is selected.
- Confirm that the correct Key-Ring file is listed.
- Apply changes.
-
Restart your Lotus Domino Web Server