Adding a Notes® cross-certificate for IDs by postal service
Organizations that cannot communicate through IBM® Notes® mail can use these steps to add a Notes® cross-certificate for user, server, and certifier IDs. For cross-certification to work, these steps must be carried out twice, with each organization alternately requesting cross-certification. You cannot use these procedures to create an Internet cross-certificate.
To create a safe copy of an ID
About this task
Use these steps to create a safe copy of the user, server, or certifier ID that you want to cross-certify.
Procedure
- From the IBM® Domino® Administrator, click the Configuration tab.
- Choose Certification and then choose ID Properties.
- Select the user, server, or certifier ID file, and then click Open.
- Type the password (if required). The ID Properties dialog box appears.
- Click Export Notes ID (Safe Copy). , and then select
- Enter a path and name for the safe copy, and then click OK. The default name is SAFE.ID.
- Copy the file to a disk.
- Use the postal service to send the disk to the certification administrator at the other organization.
To add a cross-certificate for the safe copy
About this task
Use these steps to add the cross-certificate to the Domino® Directory.
Procedure
- From the Domino® Administrator, click the Configuration tab.
- Click Certification, and then click Cross Certify.
- Select whether to use a CA-enabled certifier or use the certifier ID, and click OK.
- If you chose to use the certifier ID, enter the password for the ID, and click OK.
- Select the safe copy of the ID to be cross-certified, and then click OK.
- Complete one or more of these fields:
Table 1. Cross-certification Fields Field
Enter
Certifier
Name of your organization's certifier ID.
Server
Location of the Domino® Directory where you want to copy the cross-certificate.
Subject name
Organization or organizational unit certifier to be cross-certified, for example, /Renovations
Subject alternate name list
An alternate name for the subject of the certificate. Alternate names allow you to assign names that are recognizable in a user's native language to an ID.
Expiration date
Date when the cross-certificate expires.
- Click Cross Certify. Domino® places the cross-certificate in the view of the Domino® Directory of the server you specified in Step 6.