When SSL is used between an IdP and Domino, import the IdP SSL certificate into the
Domino directory and cross-certify it.
Procedure
- Connect to the IdP using the Firefox browser.
- Click the certificates lock icon in the address bar and view the certificates.
- Click the Details tab and select the Certificates KeyUsage field.
- Verify that the Certificates KeyUsage field contains values for
Certificate Signer and CRL Signer.
- If the Certificates KeyUsage field does not include these values, select
the certificate one level up in the certificate hierarchy and confirm that you see the values.
- Export the selected certificate and save it as a X.509 Certificate with
chain(PEM)
.crt file.
- Import the certificate into the Domino directory used by the ID vault and web servers and then
cross-certify it:
- Open the directory in Domino Administrator.
- Select .
- Select .
- Open the certificate in the Certificates view.
- Select
- Cross-certify the certificate with the certificate of the server ID file.