Is it Possiable to Generate CSR With SHA1 using Domino Server Certificate Admin

hcl-bot · September 17, 2014, 7:29am

Subject: Is it Possiable to Generate CSR With SHA1 using Domino Server Certificate Admin

hcl-bot · September 21, 2014, 6:59am

Subject: Many Thank you Mr Brandon M Kutsch.

hcl-bot · September 17, 2014, 8:17am

Subject: no, but you can still import a sha1 based cert

You cant specify an algorithm (md5 vs sha1) when generating the Domino CSR generation using the server certificate admin,
however if you tell your CA provider that you want a SHA-1 based certificate based off of your CSR. Domino can import it using the steps in the server certificate admin db.

The trick is that the cert you install in the keyring in step4 must have been seeded by the CSR generated from the same kyr in step number 2, otherwise you risk getting a private key error when attempting step 4

Title: How to set up SSL using a third-party Certificate Authority (CA)
Doc #: 1268695
URL: http://www.ibm.com/support/docview.wss?uid=swg21268695 http://www.ibm.com/support/docview.wss?uid=swg21268695

Title: Error: “Cannot add certificate to private key”
Doc #: 1090525
URL: http://www.ibm.com/support/docview.wss?uid=swg21090525 http://www.ibm.com/support/docview.wss?uid=swg21090525

hcl-bot · September 21, 2014, 6:58am

Subject: Do IBM plan to add support for SHA-2/SHA-1 in Domino Native Server Certificate Admin later? all of my Domino 9.0.1 running under Linux OS.

hcl-bot · September 22, 2014, 10:17am

Subject: Recent forum post discussing current domino sha2 options

http://www-10.lotus.com/ldd/ndseforum.nsf/xpTopicThread.xsp?documentId=0BBA1D75D92075FC85257D3B006FABB8 http://www-10.lotus.com/ldd/ndseforum.nsf/xpTopicThread.xsp?documentId=0BBA1D75D92075FC85257D3B006FABB8

hcl-bot · October 16, 2014, 3:02am

Subject: What About Domino for Linux x64?

Can anyone provide any link to download IHS for Domino on Linux x64?

hcl-bot · September 17, 2014, 10:13am

Subject: SHA-1 is being phased out

I’d avoid SHA-1 unless it’s for internal testing…

Google Online Security Blog: Gradually sunsetting SHA-1 http://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html

hcl-bot · September 17, 2014, 12:17pm

Subject: you can’t current use sha2 with the domino kyr

Title: Is SHA-2 algorithm for SSL supported with Domino?
Doc #: 1418982
URL: http://www.ibm.com/support/docview.wss?uid=swg21418982 http://www.ibm.com/support/docview.wss?uid=swg21418982

if you need SHA-2, I recommend using a web proxy infront of domino http
starting in domino 9 we provide IHS on windows for TLS
http://www-12.lotus.com/ldd/doc/domino_notes/9.0/help9_admin.nsf/855dc7fcfd5fec9a85256b870069c0ab/caa25dc9fd95076b85257b19005b3894?OpenDocument&Highlight=0,Installing,the,IBM,HTTP,server,module,to,support,TLS http://www-12.lotus.com/ldd/doc/domino_notes/9.0/help9_admin.nsf/855dc7fcfd5fec9a85256b870069c0ab/caa25dc9fd95076b85257b19005b3894?OpenDocument&Highlight=0,Installing,the,IBM,HTTP,server,module,to,support,TLS