Admin Cert expire

HCL Domino Domino Forum
1

Today, I can’t login Lotus domino admin because Admin cert is expired. >_<. So I can’t create/manage user account.

What can I do to renew cert?

Thanks

2

Subject: Admin Cert expire

This is the routine for an older version of Notes - not tried it on 6 or above

Use Server ID on local!

  1. Switch to an ID that has Administrator rights.

  2. Launch the Notes client.

  3. Select File - Tools - Server Administration.

  4. For Release 4.x: Click the Certifiers icon. For Release 5.x: Select Administration - Configuration tab, expand Certification and select Certify.

  5. Select Certify ID File.

  6. From the Choose Certifier ID dialog box, select the O or OU certifier that was originally used to certify the user.

  7. Enter the password for the certifier ID.

  8. From the Choose ID to Certify dialog box, select the ID to be recertified.

  9. Enter the password for the user to be recertified.

  10. [Optional] In the Certify ID dialog box, you may set or change the following: Registration server, expiration date of the certifier and password length.

  11. Click Certify.

  12. Status window displays: “Updating address book entry for username/org”, then “Successfully updated address book entry for username/org” and finally “Username/org successfully certified.”

  13. Lotus Notes dialog box asks “Would you like to certify another?” answer No.

  14. Switch to newly-recertified ID file.

3

Subject: RE: Admin Cert expire

Some additional info – certifier IDs can be used to recertify themselves as well as users.

4

Subject: Admin Cert expire

This method will work regardless of server operating system and assumes that you do not have another administrative ID and that you have access to the certifier and its password.

  1. Recertify the admin ID locally (i.e. do not select a registration server)

  2. Shut down Domino and pull an OS copy of the server’s names.nsf to your workstation.

  3. Copy and paste the public key from the newly updated admin ID into the admin’s person document. To copy the key, go to User Security while logged in as the admin and go to Your Identity → Your Certificates → Other Actions → Mail/Copy Certificate and click Copy Certificate. This copies the cert to your clipboard.

  4. Copy the server’s names.nsf back to your server and restart Domino

This is a bit of a pain, so I recommend that you have more than one administrative ID or set the certificate expiration well into the future.