Tag Archives: SSL

Getting data from an HTTPS site in backend using XPages

If you want to connect to an SSL protected site and get information it could be an webpage or a webservice if you are using xpages and the certifier isn’t already in Domino you need to import the certificates.

Open up the Domino Name and adress book navigate to Security -> Certificates

When you are in this view the action menu will have a new option

Select these and import each of the certificates that you have.

When they are imported you need to create a Cross certificate.

Go in to each one of the newly imported certificates and in the actions meny you will have create cross certificate create a cross certificate against the server. Make sure to change from Local to the server in registration server. When you are done.

Restart task HTTP on the server console and you should be able to connect.

If it’s an old Java agent this doesn’t work then you need to import the certificate in the keystore in the jvm.
If you are doing this let me know and I assist you.

 

Setting up a sFTP server to be used with an existing Domino SSL certificate

With the new way of creating SSL certs for Domino a new opportunity occurred to me and actually it worked great. Because we create the certificates using OpenSSL the generated Key and certificate can actually be used on the same server to setup a FTPS server. Saidly because the Domino FTP server on OpenNTF.org doesn’t support FTPS I had to use the FileZilla server the setup was super simple.

Run the setup

go into settings and enable FTP over SSL select your .Key file and your certificate file that you got back from your certifier. Also check the other option to force all connections to the server to be FTPS.

FileZilla Server Settings

And now you have a FTPS server that can deliver external content to you Domino server. The last thing you need to setup is the users and groups that should be able to connect to the server.

Update: Paul Farris commented that this is an SSL based FTP server not an SSH based so the real name should be FTPS not sFTP.