Lotus Domino Administrator 8 Help - Using the plugin_customization.ini file to verify trust

NOTES CLIENT INSTALLATION AND SMART UPGRADE

Using the plugin_customization.ini file to verify trust
You can use the IBM® Lotus® Notes® install media kit's deploy\plugin_customization.ini file to call a named keystore and instruct the installer how to respond to features and plug-ins that are expired or not yet valid, unsigned, or signed by an unrecognized certificate authority. You can modify the following settings in the Notes install media kit deploy\plugincustomization.ini file to establish responses during install and update:

com.ibm.rcp.security.update/EXPIRED_SIGNATURE_POLICY=PROMPT

com.ibm.rcp.security.update/UNSIGNED_PLUGIN_POLICY=PROMPT

com.ibm.rcp.security.update/UNTRUSTED_SIGNATURE_POLICY=PROMPT

Note If you are updating using the install media kit, IBM® Lotus® Domino™ policy takes precedent over settings that reside in the Notes install media kit deploy\plugincustomization.ini file. Domino policy does not affect the initial install.

By default the Lotus Notes installer uses only the keystore in the deploy directory to make trust decisions. If you want to trust any certificate issued by a well known certification authority, add the following statement to the install media kit's deploy\plugin_customization.ini file as below.

Note This instructs the media kit installer to verify trust in code signing certificates using the JRE CACERTS file, which contains the certificates for all well known roots. Using this setting will compromise the security of the installer, since anyone with a valid certificate can modify the code.

com.ibm.rcp.security.update/TRUST_CERTIFICATE_AUTHORITIES=true #(default is false)

The three settings that govern how the result of signature verification is interpreted are as below:

ALLOW -- Install the feature.
PROMPT -- Prompt the user and let them decide what to do.
In the case of untrusted, the user can choose to start trusting the certificate by adding it to the keystore. Note that during Lotus Notes installation, PROMPT = DENY, because e installation program does not prompt the user for this information.
DENY -- Don't ask the user and don't install the feature.

EXPIRED_SIGNATURE_POLICY

The EXPIRED_SIGNATURE_POLICY setting defines the default behavior when provisioning encounters a JAR file that is signed but the certificate used to sign the jar file has expired. The available values are PROMPT, ALLOW, and DENY. For the initial install, PROMPT=DENY because there is no user interface for this function. The PROMPT function is recognized by Notes upgrade.

Note For any install or upgrade performed using an install media kit, PROMPT=DENY.

The following example allows JAR files with expired signatures to be installed or updated:

com.ibm.rcp.security.update/EXPIRED_SIGNATURE_POLICY=ALLOW

UNSIGNED_PLUGIN_POLICY

The UNSIGNED_PLUGIN_POLICY setting defines the default behavior when provisioning encounters an unsigned JAR file. The available values are PROMPT, ALLOW, and DENY. For the initial install, PROMPT=DENY because there is no user interface for this function. The PROMPT function is recognized by Notes install and upgrade.

The following example allows unsigned JAR files to be installed or updated:

com.ibm.rcp.security.update/UNSIGNED_PLUGIN_POLICY=ALLOW

UNTRUSTED_SIGNATURE_POLICY

The UNTRUSTED_SIGNATURE_POLICY setting defines default behavior when provisioning encounters a JAR file that has been properly signed, but no matching certificate exists in the keystore.

The available values are PROMPT, ALLOW, and DENY. For media kit install and upgrade, PROMPT=DENY because there is no user interface for this function.

The following example does not allow untrusted JAR files to be installed or updated. If the Notes installer encounters an untrusted signature during initial Notes install, it exits the install with an error.

com.ibm.rcp.security.update/UNTRUSTED_SIGNATURE_POLICY=DENY

Using Domino policy to verify trust

Customizing Notes using the plugin_customization.ini file

Glossary

Feedback on Help or Product Usability?

Help on Help

All Help Contents

Glossary