Creating certificates from a micro CA

You can create web server TLS certificates from a micro CA.

About this task

Use Micro CAs to generate simplified certificates to use for testing. Certificates from a micro CA are not intended for production use. Starting with Domino 12.0.2, Micro CA TLS credentials that you create can be exported.


  1. Open certstore.nsf
  2. Create a micro CA:
    1. Click CONFIGURATIONS > Certificate Authorities.
    2. Click Add Account.
    3. In the Basics tab, do NOT enable the certificate authority. Simply configure it by giving it any name and selecting MicroCA in the Type field.
    4. In the Local CA tab, change field values, if desired. For example change Key type. In the Organization field, specify an organization name.
    5. Click Save & Close to create the micro CA.
  3. Create a certificate from the micro CA:
    1. Select any TLS CREDENTIALS view.
    2. Click Add TLS Credentials.
    3. In the Certificate provider field, select MicroCA.
    4. In the Certificate authority field, select the Micro CA to use.
    5. In the Host names field, specify the host names of the internet-facing servers to request the micro certificate for.
    6. Optionally edit other fields.
    7. Click Submit Request.
    8. Click Save & Close.