I am trying to wrap my head around installing a Domino Certificate Authority for the purposes of off-loading user registration to a help desk person without having to give them passwords for the server ID file.
So someone pointed me towards installing a CA process on the server. Most of it makes sense (although I could use a “high level” overview as I am only a very part time Domino admin). I also know that this company would like to implement the ID vault. Also, one of the admins there also just made changes to the mail server so that it uses TLS and that required him to create a .kyr file for the server using OpenSSL.
Could someone tell me if a) this recent .kyr file addition will have any effect (or use) for setting up the CA process? Also, if they want to use the ID Vault, should this be set up after the CA process or are they really just independent of each other?
Any other advice when setting this up would also be appreciated. Oh, and if anyone knows of either a Youtube tutorial or good online tutorial or even a really good Domino admin book, those might help (I find I start to get a little lost jumping around the help files).
Also a part time admin who’s done some of this. In our case, we were just setting up an https server and self-certifying. It was convoluted (to a non-admin) but we eventually figured it out until the TLS thing happened then the re-learning curve was high.
So, based on personal experience only;
The admin help and targeted searches for information can get you everything you need.
If you have a test environment, you can muck about without killing anything so if this is something you want/need to learn, play until you get it right, then do it in production.
If this is low risk (i.e. it’s OK to screw up your production environment), then play until you get it right.
If you don’t have a test environment and/or this is important and/or screw ups are not allowed, pay for a consultant; the cost of getting it right is FAR less than getting it wrong and screwing up your server.
Doug
Also a part time admin who’s done some of this. In our case, we were just setting up an https server and self-certifying. It was convoluted (to a non-admin) but we eventually figured it out until the TLS thing happened then the re-learning curve was high.
So, based on personal experience only;
The admin help and targeted searches for information can get you everything you need.
If you have a test environment, you can muck about without killing anything so if this is something you want/need to learn, play until you get it right, then do it in production.
If this is low risk (i.e. it’s OK to screw up your production environment), then play until you get it right.
If you don’t have a test environment and/or this is important and/or screw ups are not allowed, pay for a consultant; the cost of getting it right is FAR less than getting it wrong and screwing up your server.
Doug