Setting up the Web Navigator to retrieve pages on sites secured by TLS

To set up the Web Navigator server for TLS, do the following:

• Store the Web site's TLS certificate in the Domino® Directory on the Web Navigator server.
• Enable the HTTPS protocol on the Web Navigator server as an Internet service.

The Web Navigator supports sites that have TLS certificates issued by the RSA Certificate Authority (CA), so you do not need to obtain the Web site's TLS certificate if it was issued by the RSA CA. If the Web site does not have a certificate issued by the RSA CA, you must obtain the Web site's certificate and add it to the Domino® Directory on the Web Navigator server. Obtaining the certificate from a secure location ensures that the certificate you receive is valid and creates an optimally secure environment by allowing access only to servers with which you share a valid certificate.

Although not recommended, you can set up Web Navigator to add the Web site's TLS certificate automatically to the Domino® Directory. Set up this way, the Web Navigator allows users to access pages on any Web site that uses TLS, even if the Domino® Directory does not already contain the certificate. This approach allows easy access for users, but compromises the security of the data sent by users, since the server does not verify the identity of the remote server before allowing the user to access it.