Let's Encrypt CA certificate request: Quick Start

If your HCL Domino® server is connected to the internet over outgoing port 443 and incoming port 80/443, you can request a certificate from the Let's Encrypt CA for the server with the CertMgr command.

About this task

This command requests a certificate using an HTTP-01 challenge.


Run the following command at the server console:
Note: This command is equivalent to:
load certmgr -r -c -o -y  -ACCEPT_TOU


CertMgr loads and completes the following steps:
  1. Accepts the terms of operations for Let's Encrypt (-ACCEPT_TOU).
  2. Creates certstore.nsf.
  3. Determines the host name of the machine and requests a first certificate (-r).
  4. Starts HTTP (-o) or restarts HTTP if already running (-c).
  5. Runs the ACME protocol operations to request a certificate from the Let's Encrypt CA.
This same certificate request scenario can be automated using the following notes.ini settings: