#dominoforever | Product Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Make field for kyrfile visible when Internet sites is enabled in server document

There is a "bug" in Domino when it comes to which certificate to use. When you activate internet sites, the setting for which kyr file (certificate) is to be used in the server document is hidden and it is instead pointed out in the setting for internet sites. But what is stated in the internet site is only used for incoming traffic towards http. When it comes to traffic out from the server from, for example, calls to web services, the setting for kyr file that is specified in the server document is still used, even though it is not visible.

Suggest that it be corrected in such a way that the setting is not hidden, but that the title of the setting changes if the internet site is activated. The title could then, for example, be "Outgoing SSL key file name:". The function is good as it is, but the settings must be adjusted so that it becomes clear how it works.

  • Guest
  • Dec 17 2020
  • Shipped
  • Attach files
  • Admin
    Thomas Hampel commented
    5 Jun, 2021 07:36am

    Domino V12 is shipping the new Certificate Manager which will make the *.kyr file management obsolete. https://help.hcltechsw.com/domino/12.0.0/admin/secu_le_using_certificate_manager.html

  • Guest commented
    24 Jan, 2021 08:56pm

    What if you don't need no kyr file in Domino V12 at all?

    There is a new CertMgr and certstore.nsf already in beta1 and the idea is to use the TLS Cerdentials (new name for private key + cert + chain) directly from the domain wide certstore.nsf.