Document encryption and decryption in Domino using XPages

Domino® lets documents be encrypted on the web using XPages.

Domino also lets documents be encrypted on the web using XPages. Formerly, the secret key encryption feature had only been available in the Notes® client. The reason for this restriction was that the secret keys used by the encryption process are stored are stored in a user’s ID file and were not accessible to web-based applications - until the introduction of the Notes/Domino ID Vault .

XPage encryption and decryption prerequisites

Secret key encryption in XPages is designed to emulate the underlying model provided in the Notes client, with all the same rules and restrictions applied. Any Notes client applications that employed the secret key encryption feature in the Notes client are now be eligible to run as XPages applications on the web. The prerequisites required for this to work are as follows:

  • Domino ID Vault - Your Domino server configuration must be configured to use the ID Vault so that XPages can access the secret keys stored in the id files located within.
  • Domino Server Security: - Your Domino server security document needs to have the “Sign or run unrestricted methods and operations" privilege enabled for all users and/or groups that will encrypt documents in XPages. This preference is located Security tab of the appropriate server document.
Note: Refer to the Notes and Domino Encryption section of the Domino Designer Basic User Guide to gain a better understanding the underlying model of encryption and decryption in Domino.