How do you import a wildcard domain certificate into Domino?

7 篇文章 0 订阅
4 篇文章 0 订阅
From Ninke Westra:

Create a server keyring (.kyr) file, for example using the certsrv.nsf database that's present on just about every server, doesn't matter if it's on the server that you want to use the keyring with or not since the keyring file is created locally to your client, not on the server.

Select Create Key Rings & Certificates in the navigator and click

 1. Create Key Ring
Under Keyring informationyou enter the filename (keyring.kyr) and password that you want to set for this keyring file.
For

  • Keysize——you can select a keysize that will be used when creating certificate requests using this keyring.Disinguished Name has some mandatory fields
  • Common Namen——your server's fully qualified hostname (when generating a certificate request or *.domainname for a wildcard request
  • Organization——Organisation name
  • Organizational Unitn—— (optionall)
  • City(optional)(可选择的)(可选择的)(可选择的)(可选择的)(可选择的)(可选择的)
  • Staten—— Province/State
  • Countryn——Two letter country code.

3. Install Trusted Root Certificate into Key Ring
Enter Certificate Information an identifying label for the certificate signer's certificate
You can choose to either import the root certificate from a .crt/.cer file or paste from clipboard.
Click Merge Trusted Root Certificate into Key Ring
Enter the password you picked at step 1. (create key ring)

To import existing wild card certificates (pcks12 format, .pfx/.p12 file) into a Domino keyring file you need IBM's [ftp] GSK5 IKeyMan.
(I read somewhere that this tool might not work in Windows 2003/Vista+ but I can not confirm that).

Extract the gsk5-ikeyman.zip file into a directory that has no spaces in the name (I used C:\gsk5)
Start the command line shell, change directory to the directory where you extracted gsk5 to and execute the following command: gskregmod.bat Add
Next run IKeyman by executing runikeyman.bat.
Open the keyfile.kyr file that we created earlier and enter the keyring password.
Select Personal certificates and click Import

Select the wildcard certificate file (.pfx/.p12) and enter the certificate's password.

Shutdown IKeyman and copy the keyfile.kyr and matching keyfile.sth to your Domino server's data directory.

Configure your Domino server to use this keyring file and restart the http task (or restart domino).


  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值