HCL Notes and Domino 9.0 Social Edition Forum - Answer to "Why would I create a Domino SHA-2 self-signed certificate using Certreq.nsf & the CA process?"

This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal

Share ▼
Subscribe ▼

~Umberto Prekromanlen

Feb 9, 2016, 7:46 PM

2 Posts

Answer to "Why would I create a Domino SHA-2 self-signed certificate using Certreq.nsf & the CA process?"

Category: Administration,Configuring
Platform: All Platforms
Release: 9.0.1
Role:
Tags: Traveler,ssl,certificate
Replies: 0

This post provides an answer to follow-up to a question we received about the following new technote #1972274 , "How to create a Domino SHA-2 self-signed certificate using Certreq.nsf & the CA process"

Question: "why would I do that? As far as i know, self signed are no more accepted by Notes Traveler server." (via @sintran's tweet at https://twitter.com/sintran/status/696945159800549377)

Answer:

Self signed certificates are still accepted by the Traveler server; however, the latest versions of Apple iOS have some requirements when working with SSL connections. If you have iOS9 devices connecting to a SSL-enabled Traveler server, the backend Domino server must support TLS 1.2 connections and have a trusted certificate.

But if you have an environment running only Android devices, or for testing purposes, you can use the procedure described in this technote, which was created to assist admins who have this need.

When preparing the environment to receive trusted certificate, they should continue using KYRTool.

Share ▼
Subscribe ▼