INSTALLING


Setting up Domino security for Internet site documents

To set up security for Internet site documents, you can enable SSL server and client authentication, name-and-password authentication, or anonymous access for Internet and Intranet clients.

About this task

To enable SSL for Internet sites, configure the SSL port on the server document and set up SSL on the server by obtaining a server certificate and key ring from an Internet certificate authority.

To set up SSL authentication, you must create a server key ring file for each Internet site document. However, if the Internet site documents are for the same organization, but are created for different protocols, a single server key ring file can be used. Be sure to enter the server key ring file name in the appropriate field on the Security tab of each site document.

If you want to use Certificate Revocation Lists (CRL) for Internet certificate authentication, the server must be using a Domino® server-based certification authority for issuing Internet certificates.

Note: For Web sites, the common name on the server key ring must match the DNS name to which the IP address in the Web Site document is mapped. The IP address must be stored in the field Host name or addresses to map to this site, which is located on the Web Site document. If you enable Redirect TCP to SSL in a Web Site document, both the host name and the IP address must be stored in this field.

You should be familiar with SSL authentication, name and password authentication, and anonymous access before completing these steps.

Note: You can prohibit access to an Internet site by selecting No for all authentication options in an Internet site document. These options include TCP authentication, SSL authentication, and TCP anonymous access.

Procedure

1. From the Domino Administrator, click Configuration -> Web -> Internet sites.

2. Choose the Internet site document to modify, and click Edit Document.

3. Click Security and complete these fields:


4. Save the document.

Related concepts
Understanding Internet site documents on Domino servers
Setting up an Internet certificate authority
Caching Internet password changes for SSO
Session-based name-and-password authentication for Web clients
Anonymous Internet and intranet access
Validation and authentication for Internet and intranet clients

Related tasks
Creating an Internet site document
Setting up the Web SSO Configuration document for more than one Domino domain
Setting up session-based name-and-password authentication
Setting up basic name-and-password authentication
Setting up Internet/intranet clients for anonymous access