Bewertung: 5 / 5

Stern aktivStern aktivStern aktivStern aktivStern aktiv

Create Certificate

This article is the sequel to Let's Encrypt in Domino Environments

To create a certificate is very easy: Instruct the certbot-auto application to create the certificate:

./certbot-auto certonly -d <yourFQDN> --manual

This command (you need internet access) will contact Let's encrypt. It will ask you to create a cryptic file on your server with a much more cryptic content. With this file and it's content Let's encrypt can check whether you have appropriate rights to receive a certificate. They will access the file and compare the content with the content they generated. If both is identical, you will receive the ceriticate immediately.

First, create the necessary subdirectories on you Domino server.

mkdir <notesdata>/domino/html/.well-known/acme-challenge

Then create a file with the filename highlighted in certbot-auto on your filesytem and add the content form certbot-auto to the file

touch <notesdata>/domino/html/.well-known/acme-challenge/<certbotAutoFileName>

cat <certbotAutoContent> <notesdata>/domino/html/.well-known/acme-challenge/<certbotAutoFileName>

On Linux, AIX etc ensure that filepermissions are set correctly.

chown -R notes:notes <notesdata>/domino

This command will correct the permissions. Now you can switch to your server certbot-auto ist running on. When you agree to the test of your environment this will immediatly create the certificate. It is very useful to keep this filestructure and file on your server for later automatic renew of the certificate.


In the last article we will explain how to migrate those certificates to your domino server.