Please follow these instructions to install your SSL certificate on Lotus Domino 6.0, 7.0 or 8.0



In order to generate a CSR for Lotus Domino 6.0, 7.0 or 8.0, please follow these steps.

1.  From the main menu, select Create Key Ring.

2. Fill in the form, ensuring you select 2048 for the Key Size.

3. Click to continue. You will now get confirmation that the key ring has been created.

  • Common Name: Must match the URL you plan to secure exactly – is usually your fully-qualified domain name, e.g., trustzone.com or mail.trutzone.dk). Remember the www. Is important – include it if you want to secure https://www.yoursite.com & exclude it if you want to secure https://yoursite.com.
  • Organization: The legal (officially registered) name of your organization/company include Inc., LLP., Pvt, Plc. Ltd. SARL., etc.
  • Organizational unit: The name of your department within the organization (this is often “IT,” “Web,” or is just left blank).
  • City/locality: The city or town in which your organization is located.
  • State/province: The state in which your organization is located.
  • Country: Click here for the official list of ISO country codes for this field.

4. Clicking OK returns you to the main menu. From here, select Create Certificate Request.

5. You MUST select Paste into form on CA’s site.

6. Click Create Certificate Request to continue. You will be presented with a confirmation screen of the CSR field properties, and the text of the CSR.

7. Please ensure you copy and paste this (either into notepad or TRUSTZONE’s web form) before clicking OK on this window.



Installing SSL certificates on Lotus Domino Web Server requires that the certificate files are merged into the same Key Ring that was used to generate the CSR. If you do not have this Key Ring, then you will need to have a new certificate issued with a new CSR from a new Key Ring. Please note that your certificates MUST be installed into the Key Ring in the correct order (see example of order below):

  • Root Certificate – please download our Root Certificate from our support section and save the file as GlobalSignRootCA.crt
  • Intermediate certificate – save the Intermediate Certificate from the fulfilment email as IntermediateCertificate.crt
  • Your SSL certificate – save your SSL certificate from the fulfilment email as YourPrimaryCertificate.crt
  1. Open Domino Server Certificate Administration (CERTSRV.NSF). This is in the System Databases in the administration panel of Notes.
  2. Choose Install Trusted Root Certificate into Key Ring. Enter the file name of the key ring that was made when you created your CSR, then install the Trusted Root Certificate (RootCertificate.crt). You may get a message that the root certificate is already installed as a trusted root. If you receive this message continue to step 3.
  3. Again choose Install Trusted Root Certificate into Key Ring. Enter the file name of the key ring, and install the IntermediateCertificate.crt.
  4. This time choose ‘Install Certificate into Key Ring’. Enter the file name of the Key Ring, then install Your SSL certificate (YourSSLCertificate.crt) using the ‘Merge Certificate into Key Ring’ button.

5. Your SSL certificate now installed to your Key Ring and it is ready for use on your Lotus Domino Server.

Last updated: August 02, 2017