Setting up TLS for Notes® or Domino® using SMTP

A Notes® client or Domino® server can act as an SMTP client when routing mail to an SMTP server. The Notes® client or Domino® server can use TLS to connect to a Domino® server running the SMTP service or to another type of SMTP server. You cannot set up a Notes® client or Domino® server for TLS client authentication when connecting using SMTP.

About this task

If you do not have the server's CA marked as a trusted root in the server key ring file for the Domino® server, Domino® automatically adds the certificate and logs the condition in the log file. Other Internet protocols do not allow users to proceed unless they have the server's CA marked as a trusted root. You should, however, mark the CA certificate as a trusted root instead of automatically adding the trusted root to ensure that the trusted root you receive is valid.

For information on setting up a Notes® client to use TLS to connect to an SMTP server, see HCL Notes® Help.

To set up TLS for a Domino® server routing mail to an SMTP server

Procedure

  1. From the Domino® Administrator, click the Configuration tab, and open the Server document.
  2. Select the Ports > Internet Ports > Mail tab.
  3. In the SMTP Outbound column, select Disabled in the TCP/IP port status field.
    Note: If you do not select Disabled in the TCP/IP port status field, Domino® always connects to the SMTP server without using TLS.
  4. In the SMTP Outbound column, select Enabled in the TLS port status field.
  5. Save and close the document.
  6. Add the trusted root certificate for the CA of the SMTP server.