Setting up Notes® and Internet clients for SSL authentication

You can set up Notes® or other Internet clients for server authentication to encrypt data and authenticate the server identity when connecting to an Internet server. You do not need an Internet certificate if you set up a client for server-only authentication.

On the server, SSL is set up on a protocol-by-protocol basis. You can choose to enable SSL on all protocols, or enable SSL on some protocols but not others. For example, you can enable SSL on mail protocols (IMAP, POP3, SMTP) and disable it for HTTP. You must also enable the port for anonymous access; otherwise, Domino® requires an Internet certificate or a name and password from the client.

To access an Internet server using SSL, clients must have:

  • Software, such as a Web browser or a Notes® client, that supports SSL.
  • A trusted root certificate from a Domino® or third-party certifier.
  • (Notes® client only) A cross-certificate created using the trusted root certificate for the Domino® or third-party certifier. The trusted root certificate is no longer necessary after you create a cross-certificate.
Note: Secure transactions are indicated by the use of the term https:// in URLs for SSL-secured sites. A browser user can specify this when initiating a secure transaction. More likely, the user will navigate to a login page, where it is necessary to log in with a name and password in order to access the secure Web page.