Push SSL x-certs to IBM Notes Client (prevent cross-cert dialog)

If you connect the IBM Sametime meeting oder advanced server from the IBM Notes client (plug-in) through secure connection (SSL) …


… you will get a cross certificate warning within the Notes client.


To prevent this annoying dialog within the IBM Notes client you can push this x-certs to all IBM Notes client through the IBM Domino policy.

  1. Configure a secure (SSL) connection from your IBM Notes client (administrator) to the IBM Sametime meeting (or advanced) server
  2. After you connect the first time to the IBM Sametime meeting server you should get a cross-certificate window
    ! DO NOT automatically accept it.
    You need to change the fields to save the cross-certificate to your central domino address book (names.nsf).
    NOTE: If you do not get the cross-certificate window, please check your local address book for already accepted x-certs and delete the concerning document.
  3. In the field „certifier“ select your IBM Domino organization id (e.g. /edcom/de)
    In the field „server“ select your IBM Domino administration server (could be any other Domino server who helds the names.nsf)
    In the field „subject name“ select either the Sametime Meeting Server certificate or the „trusted root“ authority
  4. Click „cross certify“ to save the cross-certificate between IBM Domino organization <> Sametime server „trusted root“ into your central IBM domino directory (names.nsf)
  5. Create or edit an IBM Domino policy  – security setting document and switch to
    >> tab „keys and certificate“ >> section „administrative trust defaults“ and press the button „Update Links“ …
    … and select the cross-certificate you created before
  6. After the next login from the IBM Notes client, the cross-certificate from the IBM Domino policy security document was saved to the local address book in the view certificates

Thats it

BTW – you could also use this documentation to push x-certs between DomOrg <> DomOrg to IBM Notes clients