HOME PAGE CUSTOMIZATION
Some CAs issue specific certificates for signing and issue others for encryption. Other CAs issue certificates that can be used for both signing and encryption.
Encryption
When a person encrypts mail using your Internet certificate, NotesR usually uses the most recently added certificate from the IBM LotusR DominoR Directory to encrypt the message. However, if the most recently added certificate is one that is only used for signing, Notes looks for a certificate in the Domino Directory that can be used for encryption.
Note that your administrator can also create a new Internet certificate for you, which could automatically become your default signing or encryption certificate because it was the most recently added Internet certificate.
Signing
If you add a new Internet certificate to your User ID, the new certificate automatically becomes the default signing certificate because it is the most recently added certificate. If the most recently added certificate is configured for encryption only, Notes does not change your default signing certificate.
If you want to use a different certificate for signing, you can change which Internet certificate should be used as the default signing certificate at any time.
This topic describes how to:
1. Click File > Security > User Security (Macintosh OS X users: Lotus Notes > Security > User Security).
2. Click Mail.
3. Under "Security options that apply to Internet-style Notes mail only", click the "Internet-style Mail Options" button, then click the "Certificate Configuration" button under "Certificate options."
4. In the "Certificate configuration for Internet-style (S/MIME) Mail" dialog box, select the Internet certificate you want to use for electronic signatures.
5. Select "Use this certificate as your default signing certificate." This option is only available if you have more than one Internet certificate available to be used for signing and authentication.
Note: The default signing certificate is also the certificate used for SSL client authentication.
Tip: For an alternate way to change your default signing certificate through User Security, click Your Identity > Your Certificates, display your Internet certificates, select the certificate you want as your default signing certificate, click the "Advanced Details" button, and then select "Use this certificate as your default signing certificate."
To obtain someone's Internet certificate for mail encryption
If you want to send someone encrypted mail, but you don't have that person's Internet certificate, have them send you a message that is signed with their Internet certificate. When you receive the e-mail, select the e-mail, choose Actions > Tools > Add Sender to Address Book, and be sure to select "Include X.509 certificates when encountered" under the Advanced tab. Notes creates a Contact document and adds any Internet certificates sent with the mail message to the Contact document. When you send an encrypted message to this recipient, Notes extracts the Internet certificate for encryption from the Contact document and uses the recipient's certificate to encrypt the message.
If you want to enable someone to send you encrypted mail using your Internet certificate, have the recipient add you to their Contacts by following the same procedure as above.
Tip: See Certificates for people or services for information on searching for someone's Internet certificate.
Related topics Accessing servers using certificates Encrypting and digitally signing e-mail messages Requesting Internet certificates Finding Notes and Internet certificates you trust To retrieve an Internet cross certificate Certificate configuration for Internet-style (S/MIME) mail