Securing your POP3, IMAP, or LDAP accounts

HCL Notes® supports Secure Sockets Layer (SSL), which makes communication secure for your POP3, IMAP, or LDAP accounts. SSL encrypts the data that is sent between your Notes client and the server you specify for your account. Notes supports SSL versions 2.0 and 3.0. By default, Notes negotiates the best SSL version to use with a particular server.

Note: Setting up a secure SSL connection in for POP3, IMAP, or LDAP doesn't necessarily mean that the server you are trying to access is running SSL.

To enable SSL for a particular account

  1. Open your Contacts.
  2. From the menu choose View > Advanced > Accounts.
  3. Click Actions > New > Account, or select an existing account and choose Actions > Edit.
  4. If you are creating a new account, see Creating or editing Internet mail accounts manually for information on creating an account.
  5. Click the Basics tab, and select Enabled in the SSL field.
  6. If you plan to access a site that you do not already trust, you must request an Internet cross certificate for that site. You do not have trust established if you receive security warnings when you try to access the site, or if you cannot access the site at all. Notes comes with many Internet cross certificates that trust common certifiers, so it is likely that you do not need an Internet cross certificate.
  7. (Optional) Change any of the following SSL settings for any account, found by clicking the Advanced tab:
    • Accept SSL site certificates -- select Yes to automatically accept certificates from unknown servers. Accepting certificates from unknown servers could be a security risk.
    • Accept expired SSL certificates -- select Yes to accept remote certificates on the server that have expired.
    • Send SSL certificates when asked (outbound connections only) -- select Yes to send your Internet certificates to the server you are connecting to if the server needs them. The server may need your certificate if you are using it for X.509 authentication or for possible mail encryption.
    • Verify account server name with remote server's certificates -- Select Enabled if you want Notes to check that the server name you have entered in this account document matches the server name you connect to.
    • SSL protocol version -- Select Negotiated to have Notes determine the SSL protocol needed to make the connection to the server you are accessing. Otherwise, select the specific protocol required from the server.
  8. Click Save and Close.