Encrypting NRPC communication on a server port

You can encrypt network data on a server's Notes® network ports to prevent the network eavesdropping that's possible with a network protocol analyzer. Network encryption occurs at the application layer of a given protocol and is independent of other forms of encryption. Network data is encrypted only while it is in transit. After the data is received and stored, network encryption is no longer in effect.

About this task

Network data encryption occurs if you enable network data encryption on either side of a network connection. For example, if you enable encryption on a server's Notes® network port for TCP/IP, you don't need to enable encryption on the TCP/IP ports of workstations or servers that connect to the server.

If you want the server to have one TCP/IP port for Notes® traffic over the Internet and another TCP/IP port for internal traffic over NRPC, you can encrypt the port for Internet traffic and leave the port for internal traffic unencrypted.

Be aware that multiple high-speed encrypted connections to a server can affect server performance adversely. Encrypting network data has little effect on client performance. For protocols other than NRPC, you use SSL for encryption.

Procedure

  1. From the Domino® Administrator, choose the server for which you want to encrypt network data.
  2. Click the Configuration tab.
  3. From the Domino® Administrator's Tools pane, choose Server > Setup Ports.
  4. Select the port you want to encrypt.
  5. Select Encrypt network data.
  6. Click OK.
  7. Click the Server > Status tab.
  8. Do one of these so that the change takes effect, from the Domino® Administrator's Tools pane, choose Restart Port. (If you can not see the Tools pane, make sure you are in the Server Tasks view.)