Problems importing wildcard certificate for SSL iNotes usage

I have a wildcard certificate for my domain used for company web server (IIS7).

I want to import this certificate to domino in order to use SSL when our users access their email.

On the internet I found a lot of documentation but none of them helped me to solve the problem.

Basically I started with the guide from turtleweb: http://www.turtleweb.com/turtleblog.nsf/dx/11022009232215GDAVGR.htm?opendocument&comments

My questions:

  • Is there any program other than the very old (and unusable on modern certificates) gsk5-ikeyman which properly works with the IBM .kyr keyring container? My certificate is key length: 2048, signature algorithm: SHA256RSA from Geotrust, and what I found after a lot of tests is that gsk5-ikeyman does not support SHA256. The majority of internet certifiers have now switched to SHA256 signatures. The newer versions of ikeyman do support SHA256 but don’t know how to handle the .kyr container.

Anyway, I lost a lot of time trying to resolve this problem and it’s frustrating.

Please help with any ideas…

Regards,

Adrian

Subject: Thank you for suggestions

My first choice was to install IBM HTTP via Domino setup. But surprise… It’s only available on Windows (forgive me IBM, I’m using Linux).

Now I will try with nginx reverse proxy.

Subject: Reverse proxy

Try nginx as a reverse proxy.

Subject: Suggestion

Did you try the new HTTP server which comes with IBM Domino 9?
See http://xpagetips.blogspot.com/2013/05/setting-up-ibm-http-server-with-domino-9.html and http://xpagetips.blogspot.com/2013/05/setting-up-tls-ssl-for-ibm-http-server_30.html

Subject: SHA2 works but TLS for Windows and Unix use tips

I guess in the context of Poodle, TLS, not SHA-2, is critical, but anyway here is how to get SHA-2 working with Domino 9 without IBM HTTP.

http://www.infoware.com/?p=1592
TLS is NOT SOLVED by this, only SHA-2.
For Windows use IHS integration. For Unix look at this link: Darren Duke Blog Zone http://blog.darrenduke.net/darren/ddbz.nsf/dx/here-is-a-freely-available-vm-to-reverse-proxy-domino-shoot-the-poodle.htm
Regards,
Mats