Welcome
Securing your data
HCL Notes® security enables you to protect your workspace and data at all times, so only you and the people you designate have access to your data.
How Notes® uses public and private keys for encrypting and signing mail
HCL Notes® uses a public and private key set to encrypt and decrypt data, as well as to validate digital signatures. The public and private key in a set are mathematically related to each other and are unique to your User ID. Your public key is stored in your Notes certificate. Your certificate is stored in your User ID and the HCL Domino® Directory. Your private key is stored only in your User ID.
Requesting certificates or cross certificates

What's new in HCL Notes 14
Learn about the many new features and enhancements in HCL Notes 14.
About HCL Notes
The following topics provide information about HCL Notes.
Elements of Notes®
The HCL Notes® user interface is comprised of views menus, toolbars, navigation panes, and a sidebar that you can use for easy access to some frequently used applications.
Using the Discover page
HCL Notes® opens to the Discover page by default, unless you set up Notes to open to an application, such as Mail or Calendar, or to a customized home page. The default Discover page is a central location from which you can find targeted Notes client information more quickly and easily, including new features in the release, introductory material for new users, and helpful hints and tips. There is also a Quick Links tab that allows you to launch your workspace, Mail, Calendar, and other Notes applications you have recently used.
Using the Notes workspace
The HCL Notes® workspace, the legacy user interface for Notes, displays pages containing Notes application icons.
Using bookmarks
Bookmarks are links that point to HCL Notes® applications, views, documents, or Internet elements, such as Web pages and news groups. Bookmark folders organize your bookmarks. They can contain bookmarks or more folders.
Notes views and folders
Views display specific documents with similar criteria. For example, your Mail has an All Documents view that displays every document contained in the mail application, and a Sent view that displays only documents that you sent.
Printing
You print a single document or multiple documents at the same time. You can also print views (lists of documents in an HCL Notes® application) and the framesets found in both Notes and the Web.
Getting Started - Advanced
The topics in this section have been written for more advanced Notes users.
Tasks
The following topics provide details for common tasks in HCL Notes.
Mail
You can send and answer email, create signatures, and customize the look of your Inbox. You can also do things, like cancel an email sent by mistake or set up out of office notifications.
Calendar
You can schedule meetings, manage your schedule, add other calendars, and more.
To Do
You can keep track of what you need to do, and assign tasks to others.
Contacts
You can save information about people, such as title, addresses, birthdays, and more. You can also do things such as create groups to use as mailing lists, or print contacts as labels.
Notes applications
An HCL Notes® application contains information about a particular area of interest, such as the forms and policy documents for a department, or it might contain documents of a similar type, such as email messages. In addition, some companies create "discussion applications," where employees can post responses to particular topics.
Blogs (web logs)
You can create your own personal Web logs (blogs) using the Notes® blog template (dominoblog.ntf). After you create a blog application, you can then open it as you would any other Notes® application (NSF) file. From your blog application, you can create and manage content and blog discussions.
Locations and accounts
This topic describes connections to servers, ways to connect to servers, and things you should know before setting up a server connection.
Automating tasks using simple agents
You can program Notes® to perform tasks automatically using agents (also known as macros). Agents can help you perform repetitive tasks, such as managing documents and sending memos.
Sharing information with other applications
You can share files and graphics between HCL Notes® and other applications using a number of different techniques.
Notes roaming user
As a Notes® roaming user, you can log in to and use Notes from any computer in your organization on which Notes is installed, and use your personal data while doing so. Your personal data includes many of your Notes preferences and personal information such as your contacts, bookmarks, notebook, feeds subscriptions, and optionally your Notes workspace. Notes widgets also participate in roaming.
Replication
You can create an offline (local) duplicate of any HCL Notes® application you use. Such a duplicate is called a replica.
Search
You can use search to find documents, text in a document, applications, and people. You can also set search preferences for type of search query syntax and scope of search.
Securing your data
HCL Notes® security enables you to protect your workspace and data at all times, so only you and the people you designate have access to your data.
- Your Notes User ID and how to store it
- Changing passwords
  Passwords prevent others from using your User ID. When your administrator creates your User ID, he or she decides whether it needs a password, and what type of password is required. Once you access HCL Notes® for the first time, you should change your password to something that you can remember but is hard for others to guess.
- Using Notes shared login to eliminate Notes password prompts
  Notes® shared login (hereafter shared login) allows you to start HCL Notes and use your User ID without having to provide a Notes password. You only need to log in to Microsoft® Windows® using your Windows password. Your administrator controls whether you can use shared login.
- Locking the Notes ID
  Locking your HCL Notes® ID prevents others from using Notes when you are away from your computer. Locking your ID clears your Notes credentials and drops all connections to Notes servers. You must log in again in order to take any new action using Notes.
- Enabling Smartcards for Notes® login
  Smartcards resemble credit cards, but instead of containing a magnetic strip they contain a microprocessor and memory. You can use a Smartcard with your User ID to login to HCL Notes®, provided you have a Smartcard reader installed on your computer. Once your User ID is enabled for Smartcard login, you are prompted for your Smartcard Personal Identification Number (PIN) in place of your Notes password.
- Requesting a new user name
  If you want to request a new User Name - for example, if you got married and you want to change your name - you must contact your administrator.
- Your Notes® and Internet names
  You can view all the names that identify you in Notes®.
- Sending mail to your administrator
- Accessing servers using certificates
  A certificate is an electronic stamp, like a stamp on a passport, which verifies to a server that you are who you say you are. Certificates are stored in your User ID. When you first receive your User ID from your administrator, it contains a Notes® certificate. You may decide to use Internet certificates as well. (You may see Internet certificates being referred to as X.509 certificates.)
- The Access Control List
  Every database includes an access control list (ACL), which HCL Notes® uses to determine the level of access users and servers have to a database. Levels assigned to users determine the tasks that users can perform on a database. Levels assigned to servers determine what information within the database the servers can replicate.
- Restricting access to local databases
  When you enable encryption for a local database, HCL Notes® encrypts the database using your public key from your User ID. You are the only one who can then decrypt the database because you have the corresponding private key in your User ID. Nobody else's User ID can open the database.
- Notes data
  You can restrict access to applications you have stored locally or encrypt a document in an application.
- Three click support
  Three click support adds a level of security when you open an attachment within an email or within a document in a Notes application.
- Preventing others from reading or viewing specific documents
  You can protect your documents, so that only you and the people you designate can read them, even if others have access to the database your documents are in.
- Encrypting documents using secret keys
  Using a secret encryption key that is stored in your User ID, you can encrypt a document that you are posting in a public database, provided the document contains fields that are encryptable.
- How Notes® uses public and private keys for encrypting and signing mail
  HCL Notes® uses a public and private key set to encrypt and decrypt data, as well as to validate digital signatures. The public and private key in a set are mathematically related to each other and are unique to your User ID. Your public key is stored in your Notes certificate. Your certificate is stored in your User ID and the HCL Domino® Directory. Your private key is stored only in your User ID.
  - Encrypting and digitally signing email messages
    You can set HCL Notes® to digitally sign and encrypt email messages you send to other Notes users or to users over the Internet.
  - Mail security
    You can access your mail security options through the User Security window.
  - Mail encryption failure
    The "Mail Encryption Failure" dialog box appears when you want to encrypt an outgoing mail message and HCL Notes® can't find the recipient's certificate to encrypt the message.
  - Location configuration for signing Internet-style (S/MIME) mail
    You can view your Internet mail address information.
  - Edit locations (format for sending mail to Internet addresses)
    HCL Notes® Internet-style mail uses secure MIME (S/MIME) protocols for sending and receiving encrypted and signed mail. Internet-style Notes mail is required to secure mail to people over the Internet, and is optional to secure your mail to other Notes users.
  - Edit locations (Internet Mail Address)
    HCL Notes® Internet-style mail uses secure MIME (S/MIME) protocols for sending and receiving encrypted and signed mail. Internet-style Notes mail (S/MIME) is required to secure your mail to people over the Internet, and is optional to secure your mail to other Notes users.
  - Incoming mail
    You can select the type of format in which you prefer to receive your incoming mail.
  - Encryption certificate configuration for Internet-style (S/MIME) mail
    You can view details about your encryption certificate, used for mail with people outside of HCL Notes® and for mail from Notes users if you are configured to receive Internet-style (S/MIME) mail.
  - Certificate configuration for Internet-style (S/MIME) mail
    You can view the Internet certificates located in your User ID. The certificates listed are the certificates that you can use to send and receive secure and signed mail through HCL Notes® with others over the Internet. One of these Internet certificates must be designated as the default signing certificate.
  - Using dual Internet certificates for encryption and signatures
    You use your Internet certificate to sign messages that you send. Other people use your Internet certificate to encrypt messages they are sending to you. This is similar to how HCL Notes® certificates work. However, if you have more than one Internet certificate, you may be able to use one Internet certificate for signing messages and another Internet certificate for people to use to encrypt mail messages.
  - Select default signing certificate
    You if you have more than one Internet certificate, you can select which one to act as the default signing certificate.
  - Internet-style Notes mail options
    You can configure your Internet certificates for sending and receiving secure mail with people outside of HCL Notes®.
  - Creating new public keys
    If you lost your User ID, or someone has taken it to access your data, you should change your password and create new public keys (a new Notes® multi-purpose certificate and a new Notes international encryption certificate).
  - Publishing your Notes certificate for others to access
    You may want to publish your certificate containing your public key so others can use it to encrypt data being sent to you. The certificate can be published in the HCL Domino® Directory or sent to an individual, so that person can publish it in their Contacts. How to publish your public key depends on whether or not you are an HCL Notes® mail user.
  - Certificates in your ID file
    You can display all HCL Notes® and Internet certificates that are found in your User ID.
  - Merge certificate into your User ID
  - Examining certificates
    You can examine your certificates from your Contacts.
  - Certificate authorities and the certificates they issue
    You can view all of the Notes® and Internet certificate authority (CA) certificates that you trust.
  - Requesting certificates or cross certificates
  - Creating a cross certificate on demand
    In the following situations you may be prompted to create a cross certificate.
  - Requesting cross certificates or merging information
  - Retrieving certificates and cross certificates from your home server
    To access HCL Notes® servers in other domains, to verify digital signatures, or to encrypt messages using S/MIME, you must have cross certificates in your Contacts. You can add to your Contacts Internet certificates and Notes and Internet cross certificates from the HCL Domino® Directory on your home/mail server.
  - Advanced certificate details
    You can view details about your selected HCL Notes® or Internet certificate.
  - Trust details
    When you are viewing certificates from people and services you can view Trust Details for a selected certificate. Trust Details displays the name of the certificate, and what kind of trust you have established for it. The following are reasons why you might trust a certificate.
  - Certificates for people or services
    You can view all of the HCL Notes® and Internet certificates that you trust and don't trust for specific people or services.
  - To delete your Notes pending public keys
    If you have HCL Notes® pending keys that you do not need anymore, you can delete the keys from your User ID. You get Notes pending keys when you request new Notes public keys. The reason you might not need your Notes pending keys any longer is if you've decided to not update your Notes certificates with new public keys. In this case, pending keys have not yet been used for any purpose, therefore it is safe to delete them, assuming you definitely don't want to complete your request for new public keys.
  - Exporting a safe copy of your User ID
    When renewing HCL Notes® certificates or requesting new public keys using removable media or another mail program, you need to create a safe copy of your User ID and save it to removable media or directory that you can access.
  - To import new information from removable media into your User ID
    When you import new information into your User ID, such as a new public key, you may need to make sure to update any copies of your User ID as well.
  - Key rollover
    Key rollover is the process used to update the set of Notes® public and private keys that is stored in your ID file. This set of keys may need to be replaced - for instance, to increase security by updating to larger keys, or to recover if your private key has been compromised in some way.
- Restricting execution access with the Execution Control List
  You can protect your workstation by specifying different types of execution access for different people or organizational certifiers who run HCL Notes® scripts and formulas. For example, you may give all types of execution access to your HCL Domino® administrator, but allow no execution access to unsigned scripts or formulas.
- Securing your POP3, IMAP, or LDAP accounts
  HCL Notes® supports Secure Sockets Layer (TLS), which makes communication secure for your POP3, IMAP, or LDAP accounts. TLS encrypts the data that is sent between your Notes client and the server you specify for your account. Notes supports TLS versions 2.0 and 3.0. By default, Notes negotiates the best TLS version to use with a particular server.
- Signed plug-ins
  Your administrator may have selected plug-ins to be installed automatically with your client software. These plug-ins are signed with a certificate that is trusted by your client, and verified that the data they contain is not corrupted. Plug-ins signed in this way can then be installed without having to prompt you to accept them.
Widgets and Live Text
Widgets and Live Text enables end users to see and act on Live Text in a document, including mail, using widgets (.XML files) created for their use. Power users and administrators can create and edit widgets, and deploy them to users to engage a Notes® form, view, XPage, document or Composite Application, or third party services such as Web page, feed, or Google Gadget™, or automatically install or update a client plug-in for specific Notes users.
Error messages
Notices

Requesting certificates or cross certificates

Click any of these topics:

To add feedback about this topic, select the following checkbox:

By clicking this box, you acknowledge that you are NOT a U.S. Federal Government employee or agency, nor are you submitting information with respect to or on behalf of one. HCL provides software and services to U.S. Federal Government customers through its partners Four, Inc. Contact this team at https://hcltechsw.com/resources/us-government-contact. Do not include any personal data in this Comment box. Note: To report a problem or question about the product software, do not use this form. Instead, go to the HCL Software Support site. Personal data should not be shared in this comment box. See our Privacy Statement to understand how personal data is used.