Lotus Domino Administrator 8 Help - Adding a Notes cross-certificate for IDs by postal service

SECURITY

Adding a Notes cross-certificate for IDs by postal service
Organizations that cannot communicate through IBM® Lotus® Notes® mail can use these steps to add a Lotus Notes cross-certificate for user, server, and certifier IDs. For cross-certification to work, these steps must be carried out twice, with each organization alternately requesting cross-certification.

You cannot use this procedure to create an Internet cross-certificate.

To create a safe copy of an ID

Use these steps to create a safe copy of the user, server, or certifier ID that you want to cross-certify.

1. From the IBM® Lotus® Domino™ Administrator, click the Configuration tab.

2. Choose Certification and then choose ID Properties.

3. Select the user, server, or certifier ID file, and then click Open.

4. Type the password (if required). The ID Properties dialog box appears.

5. Click Your Identity - Your Certificates - Other Actions, and then select Export Notes ID (Safe Copy).

6. Enter a path and name for the safe copy, and then click OK. The default name is SAFE.ID.

7. Copy the file to a disk.

8. Use the postal service to send the disk to the certification administrator at the other organization.

To add a cross-certificate for the safe copy

Use these steps to add the cross-certificate to the Domino Directory.

1. From the Domino Administrator, click the Configuration tab.

2. Click Certification, and then click Cross Certify.

3. Select whether to use a CA-enabled certifier or use the certifier ID, and click OK.

4. If you chose to use the certifier ID, enter the password for the ID, and click OK.

5. Select the safe copy of the ID to be cross-certified, and then click OK.

6. Complete one or more of these fields:

Field Enter

Certifier Name of your organization's certifier ID

Server Location of the Domino Directory where you want to copy the cross-certificate

Subject name Organization or organizational unit certifier to be cross-certified -- for example, /Acme

Subject alternate name list An alternate name that identifies the certifier ID. Alternate names allow you to assign more than one name to an ID, which is recognizable in a user's native language.

Expiration date Date when the cross-certificate will expire

7. Click Cross Certify. Domino places the cross-certificate in the Server - Certificates view of the Domino Directory of the server you specified in Step 6.

Adding an alternate language and name to a user ID

Glossary

Feedback on Help or Product Usability?

Help on Help

All Help Contents

Glossary

Field	Enter
Certifier	Name of your organization's certifier ID
Server	Location of the Domino Directory where you want to copy the cross-certificate
Subject name	Organization or organizational unit certifier to be cross-certified -- for example, /Acme
Subject alternate name list	An alternate name that identifies the certifier ID. Alternate names allow you to assign more than one name to an ID, which is recognizable in a user's native language.
Expiration date	Date when the cross-certificate will expire