Lotus Domino Server 4.6x
and 5.0x
(CSR Generation Procedures) |
|
 |
 |
From
the administration panel, click System Databases and choose
Open Domino Server Certificate Administration (CERTSRV.NSF)
on the local machine.
Click Create Key Ring. Enter
a name for the key ring file in the "Key Ring File
Name" field.
Enter a password
for the server key ring file in the "Key
Ring Password" field.
| The password is case sensitive. |
| Should you choose to enter and use a
Private Key password, you will need to make sure that you
save that password in a secure place. If you ever need
to reinstall your certificate for any reason, you will
be required to enter that password. If you forget the password
and it is past 30 days from your purchase date, then you
will be required to purchase a new certificate. An ounce
of prevention will prevent this from happening. |
| Backup the private key, as there is
no means to recover it should it be lost. The private key
is used as input in the command to generate a Certificate
Signing Request (CSR). EBIZID will reissue certificates
no more than 30 days from the time of purchase. If you
do not backup your key and your server fails or other problems
occur after the 30 days, you will then be required to purchase
a new certificate. An ounce of prevention is all that is
required to prevent this from happening. |
Select a key size. This is the size Domino uses when creating
the public and private key pairs.
| If you are using the international version of Domino,
only the 512 bit key size will work for you unless you
have Release R5.04. |
Specify the components of your server's distinguished name.
Click Create Key Ring. Click OK.
Click Create Certificate Request.
| You must select all the text in the second dialog box,
including Begin Certificate and End Certificate when the
CSR is requested. |
-----BEGIN CERTIFICATE REQUEST-----
UbM77e50M63v1Z2A/5O5MA0GCSqGSIb3DQEOBAU
AMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0
EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UEC
xMlU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9u
IEF1dGhvcml0eTAeFw0wMTA4MDIwMDAwMDBaFw0
wMzA4MDIyMzU5NTlaMIGQMQswCQYDVQQGEwJVUz
ERMA8GA1UECBMIVmlyZ2luaWExETAPBgNVBAcUC
FJpY2htb25kMSAwHgYDVQQKFBdDYXZhbGllciBU
ZWxlcGhvYm9uZGluZy5jYXZ0ZWwuY29tMIGfMA0
GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8x/1dxo
2YnblilQLmpiEziOqb7ArVfI1ymXo/MKcbKjnY2
-----END CERTIFICATE REQUEST-----
When sending your CSR to EBIZID, you
MUST copy and paste the entire CSR Request, including the
beginning and ending lines as shown below.
-----BEGIN CERTIFICATE REQUEST-----
-----END CERTIFICATE REQUEST-----
Failure to do so will result in you having to resend your CSR in the correct
format to EBIZID which will cause a prolonged delay in processing your
order. |
1.
Launch the Domino Administration client.
2. Select File-Open Server and select the Domino server
you wish to administer, Click the file tab, double click on
Server Certificate Administration database (certsrv.nsf)
3. From the administration panel, click System Databases
and choose Open Domino Server Certificate Administration (CERTSRV.NSF)
on the local machine.
4. Click Create Key Ring.
5. Enter a name for the key ring file in the "Key Ring
File Name" field.
6. Enter a password for the server key ring file in the "Key
Ring Password" field.
| The password is case sensitive. If you are using the
international version of Domino, only the 512 bit key size
will work for you unless you have Release R5.04. |
| Should you choose to enter and use a
Private Key password, you will need to make sure that you
save that password in a secure place. If you ever need
to reinstall your certificate for any reason, you will
be required to enter that password. If you forget the password
and it is past 30 days from your purchase date, then you
will be required to purchase a new certificate. An ounce
of prevention will prevent this from happening. |
| Backup the private key, as there is
no means to recover it should it be lost. The private key
is used as input in the command to generate a Certificate
Signing Request (CSR). EBIZID will reissue certificates
no more than 30 days from the time of purchase. If you
do not backup your key and your server fails or other problems
occur after the 30 days, you will then be required to purchase
a new certificate. An ounce of prevention is all that is
required to prevent this from happening. |
Specify the components of your server's distinguished name.
| If you are ordering a Wildcard Certificate,
the Common Name field must be in the format of: *
. yourdomain . com |
Click Create Key Ring. Click OK.
Click Create Certificate Request.
| You must select all the text in the second dialog box,
including Begin Certificate and End Certificate when the
CSR is requested. |
-----BEGIN CERTIFICATE REQUEST-----
UbM77e50M63v1Z2A/5O5MA0GCSqGSIb3DQEOBAU
AMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0
EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UEC
xMlU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9u
IEF1dGhvcml0eTAeFw0wMTA4MDIwMDAwMDBaFw0
wMzA4MDIyMzU5NTlaMIGQMQswCQYDVQQGEwJVUz
ERMA8GA1UECBMIVmlyZ2luaWExETAPBgNVBAcUC
FJpY2htb25kMSAwHgYDVQQKFBdDYXZhbGllciBU
ZWxlcGhvYm9uZGluZy5jYXZ0ZWwuY29tMIGfMA0
GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8x/1dxo
2YnblilQLmpiEziOqb7ArVfI1ymXo/MKcbKjnY2
-----END CERTIFICATE REQUEST-----
When sending your CSR to EBIZID, you
MUST copy and paste the entire CSR Request, including the
beginning and ending lines as shown below.
-----BEGIN CERTIFICATE REQUEST-----
-----END CERTIFICATE REQUEST-----
Failure to do so will result in you having to resend your
CSR in the correct format to EBIZID which will cause a
prolonged delay in processing your order. |
|
