Instructions for System Administrators
You need special permission to update the Domino Directory and you will also need access to the Organization certifier. If you have both, keep on reading.
To prevent users from getting the Issue Cross Certify dialog, you can cross certify the top level certificate (VeriSign...) with the top level certifier (O=) in your Domino environment. The Domino Administrator or Notes Client has to be installed on the desktop, this is not supported on the web admin client.
If you have iNotes client and no Notes Clients, the cross certification on the server is all you need. Once the cross certificate is in the Domino Directory on the home server, iNotes will correctly report the signed message for all users.
|You will need access to the certifier (O=) and the Domino server. When the Issue Cross Certify request appears, change the server from local to the users mail server. Change the Certifier ID to point to your O= certifier and enter the password for this certifier. Use the CA Process if it's active.|
The cross certificate will be put into the Domino Directory under the Internet Cross Certificates and the Organization category. Now all the email signed with the Verisign certificate are cross certified with all users that are part of the O= structure.
There is one more step to do, the certificate(s) need to be copied to the users personal address book (Contacts). If you have multiple mail servers, wait until the changes in the Domino Directory have replicated.
On the user desktop or laptop,
Contacts, go to >Advanced >Certificates
Click >Actions >Retrieve Certificates from Home Server
The same entry from the Domino Directory is now available when the user opens the email. No Cross Certify request is issued.
First published on September 28, 2011