Pushing certificates to clients through security policy settings
If you have created a cross-certificate in the Domino® Directory for an Internet certifier or Notes® certifier, you can use security policy settings to push it to Notes® clients' Contacts. You can optionally push an Internet certifier too. Users can view the cross-certificate or certifier in Contacts but cannot edit or delete it.
About this task
Changes to certificates in the Domino® Directory or to the trust configuration
in a security policy settings document causes automatic updates to
clients as follows:
- Updating a certifier or cross-certificate in the Domino® Directory updates it on clients that trust the certifier through policy.
- Deleting a certifier or cross-certificate from the Domino® Directory deletes it from the policy configuration and from clients.
- Pushing a certifier or cross-certificate through policy overrides any versions that existed on clients prior to policy configuration.
- Removing a certifier or cross-certificate from the policy configuration removes it from clients.
Perform the following steps:
Procedure
- Create or edit a security policy settings document.
- Click the Keys and Certificates tab.
- In the Administrative trust defaults section,
click Update Links, select one of the following
options, and click OK:
- To push all Notes® cross-certificates, Internet cross-certificates, and Internet certifiers in the Domino® Directory to clients, select All supported.
- To push specific certificates, for example, specific cross-certificates only, select Selected supported and select each certificate to push.
- Save the modified document.