SECURING YOUR DATA
Note: If you are not a Notes mail user, you need to attach your certificate to removable media so you can deliver your certificate to the person requesting it.
To send someone your certificate
When you send someone your certificate, you are actually sending a safe copy of your User ID. A safe copy of your User ID contains enough information for someone to create a cross certificate with, but not enough information so it can be used by a malicious user.
Note: If you are using a flat certificate, you cannot respond to a cross certificate request.
1. Click File > Security > User Security (Macintosh OS X users: Lotus Notes > Security > User Security).
2. Click Your Identity > Your Certificates.
3. Click Other Actions > Respond to Cross Certificate Request on the right side of the dialog box.
4. Select the file name of the User ID that has the certificate you need to send, and then click Open.
5. Enter the name of the person you are sending your User ID to in the To field (click Address to choose from your Contacts).
6. Click Send.
7. When the person receives your User ID in the e-mail you sent, that person can cross-certify with your certificate and then send you encrypted mail.
To create a cross certificate from a certificate sent to you
1. Contact the person you need the certificate from, and ask them to respond to your cross certification request.
2. Open the e-mail that contains the User ID you need to cross-certify with.
3. Click Actions > Cross Certify Attached ID file.
4. In the Certifier password prompt, enter the password for the User ID shown. By default, your hierarchical User ID is listed in the password prompt, so you should enter your Notes password.
5. Leave the defaults for Certifier and Server in the "Issue Cross Certificate" dialog box. The certifier should be yourself, and the server should be local, which puts the cross certificate in your Contacts.
6. Click to create a cross certificate with one of the following in the "Subject name" list:
To create a cross certificate from a person record in the Domino Directory
There may be someone from another organization who has a person record in the Domino Directory. If you want to create a cross certificate for that person to access a particular server in your organization, you can create a cross certificate for him or her. That person needs to give you a certificate to cross-certify. You can do this only if you have Author access to that person's person record in the Domino Directory.
1. In the Domino Directory, open the person record of the person whom you are cross certifying.
2. Click Actions > Create Cross Certificate.
3. Select the certificate to be cross-certified.
4. Leave the defaults for Certifier and Server in the "Issue Cross Certificate" dialog box. The certifier should be yourself, and the server should be local, which puts the cross certificate in your Contacts.
5. Click to create a cross certificate with one of the following in the "Subject name" list:
To give someone your certificate using removable media
When you give someone your certificate using removable media, you need to create a safe copy of your User ID to put on the floppy disk that you deliver. A safe copy of your User ID contains enough information for someone to create a cross certificate with, but not enough information so it can be used by a malicious user.
1. Insert removable media into your workstation.
2. Click File > Security > User Security (Macintosh OS X users: Lotus Notes > Security > User Security).
3. Click Your Identity > Your Certificates.
4. Click Other Actions > Export Notes Id (Safe Copy) on the right side of the dialog box.
5. Change the directory to the removable media drive.
6. Enter a file name for the safe copy of your User ID in the "File Name" field (Macintosh users: Save As field). The default is SAFE.ID.
7. Click Save, and then deliver the removable media to the person who requested it.
8. When the person receives your User ID, that person needs to import the certificate into his or her User ID. Once he or she does that, he or she can cross-certify with your certificate and then send you encrypted mail.
Related topics Accessing servers using certificates Creating a cross certificate on demand Retrieving certificates and cross certificates from your home server To retrieve an Internet cross certificate