Requiring a TLS connection to a server

Require TLS connections when you want to make sure that clients use a secure connection to access databases on the server. You do this by redirecting connection requests that come in over the TCP/IP port to the TLS port. If you do not require an TLS connection, clients can use either TLS or TCP/IP to connect to the server.

About this task

You can set up the redirection of TCP/IP to TLS for the HTTP, IMAP, and LDAP protocols only. POP3 and SMTP do not support the Redirect to TLS setting. You enable Redirect to TLS in one of two ways:

  • For HTTP clients, use a Web Site document.
  • For IMAP and LDAP clients, do this in the Server document.

To require TLS connections to a server in the Server document

Procedure

  1. From the Domino® Administrator, click the Configuration tab, and open the Server document.
  2. Click the Ports > Internet Ports tab.
  3. Click the tab for the protocol for which you want to require TLS.
  4. In the TCP/IP port status field, select Redirect to TLS.

For individual databases

About this task

You can also require clients to use TLS to connect to the server on a database-by-database basis, by configuring the requirement to connect with TLS in the database application itself.

Procedure

  1. From the Notes® client, select the database for which you want to force clients to use TLS.
  2. Open the Database Properties box.
  3. On the Basics tab, click Web Access: Require TLS connection.