Document encryption and decryption in Domino® using XPages

Domino® lets documents be encrypted on the web using XPages.

Domino® also lets documents be encrypted on the web using XPages. Formerly, the secret key encryption feature had only been available in the Notes® client. The reason for this restriction was that the secret keys used by the encryption process are stored are stored in a user’s ID file and were not accessible to web-based applications - until the introduction of the Notes®/Domino® ID Vault .

XPage encryption and decryption prerequisites

Secret key encryption in XPages is designed to emulate the underlying model provided in the Notes® client, with all the same rules and restrictions applied. Any Notes® client applications that employed the secret key encryption feature in the Notes® client are now be eligible to run as XPages applications on the web. The prerequisites required for this to work are as follows:

  • Domino® ID Vault - Your Domino® server configuration must be configured to use the ID Vault so that XPages can access the secret keys stored in the id files located within.
  • Domino® Server Security: - Your Domino® server security document needs to have the “Sign or run unrestricted methods and operations" privilege enabled for all users and/or groups that will encrypt documents in XPages. This preference is located Security tab of the appropriate server document.
Note: Refer to the Notes and Domino Encryption section of the Domino Designer Basic User Guide to gain a better understanding the underlying model of encryption and decryption in Domino.