Importing an Internet certifier into the Domino® Directory

To prepare to set up Notes® clients to trust a third-party Internet certifier, first import the certifier into the Domino® Directory. The Internet certifier can be one that you purchase from a CA such as VeriSign or it can be a self-signed certificate that you create yourself using a tool such as the Key and Certificate Management Tool (keytool) provided with the Sun Java Software Development Kit (SDK). In either case, the certificate must be based on an RSA key algorithm or you will not be able to import it. If you create a self-signed certificate, remember to specify use of the RSA key algorithm.


  1. Copy the Internet certificate file to your Domino® Administrator client computer.
  2. From the Domino® Administrator, click the People & Groups tab and the Certificates view.
  3. Click Actions > Import Internet Certificates.
  4. Browse for and open the local Internet certificate file.
  5. Verify that the certificate is selected in the Open Internet Certificates box and then click Accept All.
  6. Click View > Refresh and verify that the new certificate is now displayed in the Certificates view of the Domino® Directory.


Next, create an Internet cross certificate for the certifier you imported.