Let's Encrypt in Domino Environments

From time to time we have to implement or update a certificate on our Domino and/or Traveler servers. Let's encrypt enables us to get those certificates for free without any charge (Expiration time: 90 days). The first step is to receive those certificates. Depending on your operation system you have to install one of the several clients. We use the certbot-auto client.

The way to install that client is well documented and there is no need to be explained here. After that you need to create your certificate. Here are the steps on how to create and convert them into a domino environment.

  1. Create Certificate
    1. Execute necessary command
    2. Create necessary file in your domino environment
    3. Let's encrypt will check for this file
    4. Certificates will be generated
  2. Migrate certificates to Domino
    1. Create single certificate file
    2. Download kyrtool from IBM
    3. Use kyrtool to create a Domino KYR-file
    4. Import all data into newly created KYR-file
    5. Install new certifcate in Domino

In the next article we will explain how to create Let's Encrypt certificates. And in the last article we will explain how to migrate them to domino.