Requiring a TLS connection to a server
Require TLS connections when you want to make sure that clients use a secure connection to access databases on the server. You do this by redirecting connection requests that come in over the TCP/IP port to the TLS port. If you do not require an TLS connection, clients can use either TLS or TCP/IP to connect to the server.
About this task
You can set up the redirection of TCP/IP to TLS for the HTTP, IMAP, and LDAP protocols only. POP3 and SMTP do not support the Redirect to TLS setting. You enable Redirect to TLS in one of two ways:
- For HTTP clients, use a Web Site document.
- For IMAP and LDAP clients, do this in the Server document.
To require TLS connections to a server in the Server document
Procedure
- From the Domino® Administrator, click the Configuration tab, and open the Server document.
- Click the tab.
- Click the tab for the protocol for which you want to require TLS.
- In the TCP/IP port status field, select Redirect to TLS.
For individual databases
About this task
You can also require clients to use TLS to connect to the server on a database-by-database basis, by configuring the requirement to connect with TLS in the database application itself.
Procedure
- From the Notes® client, select the database for which you want to force clients to use TLS.
- Open the Database Properties box.
- On the Basics tab, click Web Access: Require TLS connection.