Setting up Notes clients for S/MIME

You can set up an Notes® client to use S/MIME encryption and electronic signatures when sending mail to other users of mail applications that support S/MIME.

Setting up Notes clients to send encrypted messages

Notes clients need the following to send encrypted messages:

  • The recipient's Internet certificate stored in Contacts, the Domino®, Directory, or LDAP directory. If the Internet certificate is stored in a Domino Directory in another domain or in an LDAP directory, the directory needs to be accessible using directory assistance.
  • A cross-certificate issued for either the recipient or the CA that issued the recipient's Internet certificate. This cross-certificate must be stored in the client's Contacts.
    Note: It is not necessary to have the cross-certificate prior to sending S/MIME encrypted mail. Users will be prompted to generate the cross-certificate when they try to send the message.

Setting up Notes clients to decrypt encrypted messages and send signed messages

To decrypt sent messages and send signed messages, Notes clients need an Internet certificate stored in the Notes ID file.

Setting up Notes clients to verify signed messages

To verify the signature on a signed message, Notes clients need a cross-certificate issued for either the sender of the message or the CA that issued the sender's Internet certificate. This cross-certificate must be stored in the client's Contacts.