{"id":243318,"date":"2023-09-21T10:49:35","date_gmt":"2023-09-21T10:49:35","guid":{"rendered":"https:\/\/www.prominic.net\/?p=243318"},"modified":"2023-09-22T11:03:16","modified_gmt":"2023-09-22T11:03:16","slug":"domino-ssl-implementation-and-renewal-a-survivors-guide","status":"publish","type":"post","link":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/","title":{"rendered":"Domino SSL Implementation and Renewal: A Survivor&#8217;s Guide"},"content":{"rendered":"\n[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_row _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">With the industry standard limiting SSL\/TLS certificates to a one year expiration date, a streamlined approach is needed now more than ever to keep your sites secure. At\u00a0 <\/span><a href=\"https:\/\/collabsphere.org\/\"><span style=\"font-weight: 400;\">Collabsphere <\/span><\/a><span style=\"font-weight: 400;\">\u00a02023, our very own <\/span><b>Avery Shaffer<\/b><span style=\"font-weight: 400;\"> did a <\/span><a href=\"https:\/\/vimeo.com\/manage\/videos\/861502874\"><span style=\"font-weight: 400;\">great presentation on SSL implementation and renewal<\/span><\/a><span style=\"font-weight: 400;\"> so let\u2019s explore the key point of it.<\/span><\/p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_text quote_border_weight=&#8221;14px&#8221; quote_border_color=&#8221;#811937&#8243; _builder_version=&#8221;4.22.1&#8243; link_font=&#8221;||||||||&#8221; quote_font=&#8221;|700|||||||&#8221; quote_text_color=&#8221;#000000&#8243; quote_font_size=&#8221;18px&#8221; quote_line_height=&#8221;1.8em&#8221; header_font=&#8221;||||||||&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;25px&#8221; header_2_line_height=&#8221;1.5em&#8221; max_width=&#8221;700px&#8221; max_width_tablet=&#8221;&#8221; max_width_phone=&#8221;&#8221; max_width_last_edited=&#8221;on|tablet&#8221; header_2_font_size_tablet=&#8221;30px&#8221; header_2_font_size_phone=&#8221;15px&#8221; header_2_font_size_last_edited=&#8221;on|desktop&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221; header_font_size__hover=&#8221;30px&#8221; header_font_size__hover_enabled=&#8221;30px&#8221; header_letter_spacing__hover=&#8221;0px&#8221; header_letter_spacing__hover_enabled=&#8221;0px&#8221; header_text_shadow_style__hover=&#8221;none&#8221; header_text_shadow_style__hover_enabled=&#8221;none&#8221; header_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_2_font_size__hover=&#8221;26px&#8221; header_2_font_size__hover_enabled=&#8221;26px&#8221; header_2_letter_spacing__hover=&#8221;0px&#8221; header_2_letter_spacing__hover_enabled=&#8221;0px&#8221; header_2_line_height__hover=&#8221;1em&#8221; header_2_line_height__hover_enabled=&#8221;1em&#8221; header_2_text_shadow_style__hover=&#8221;none&#8221; header_2_text_shadow_style__hover_enabled=&#8221;none&#8221; header_2_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_2_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_3_font_size__hover=&#8221;22px&#8221; header_3_font_size__hover_enabled=&#8221;22px&#8221; header_3_letter_spacing__hover=&#8221;0px&#8221; header_3_letter_spacing__hover_enabled=&#8221;0px&#8221; header_3_line_height__hover=&#8221;1em&#8221; header_3_line_height__hover_enabled=&#8221;1em&#8221; header_3_text_shadow_style__hover=&#8221;none&#8221; header_3_text_shadow_style__hover_enabled=&#8221;none&#8221; header_3_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_3_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_4_font_size__hover=&#8221;18px&#8221; header_4_font_size__hover_enabled=&#8221;18px&#8221; header_4_letter_spacing__hover=&#8221;0px&#8221; header_4_letter_spacing__hover_enabled=&#8221;0px&#8221; header_4_line_height__hover=&#8221;1em&#8221; header_4_line_height__hover_enabled=&#8221;1em&#8221; header_4_text_shadow_style__hover=&#8221;none&#8221; header_4_text_shadow_style__hover_enabled=&#8221;none&#8221; header_4_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_4_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_5_font_size__hover=&#8221;16px&#8221; header_5_font_size__hover_enabled=&#8221;16px&#8221; header_5_letter_spacing__hover=&#8221;0px&#8221; header_5_letter_spacing__hover_enabled=&#8221;0px&#8221; header_5_line_height__hover=&#8221;1em&#8221; header_5_line_height__hover_enabled=&#8221;1em&#8221; header_5_text_shadow_style__hover=&#8221;none&#8221; header_5_text_shadow_style__hover_enabled=&#8221;none&#8221; header_5_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_5_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_6_font_size__hover=&#8221;14px&#8221; header_6_font_size__hover_enabled=&#8221;14px&#8221; header_6_letter_spacing__hover=&#8221;0px&#8221; header_6_letter_spacing__hover_enabled=&#8221;0px&#8221; header_6_line_height__hover=&#8221;1em&#8221; header_6_line_height__hover_enabled=&#8221;1em&#8221; header_6_text_shadow_style__hover=&#8221;none&#8221; header_6_text_shadow_style__hover_enabled=&#8221;none&#8221; header_6_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_6_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; text_letter_spacing__hover=&#8221;0px&#8221; text_letter_spacing__hover_enabled=&#8221;0px&#8221; text_text_shadow_style__hover=&#8221;none&#8221; text_text_shadow_style__hover_enabled=&#8221;none&#8221; text_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; text_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221;]<blockquote>\n<h2><span style=\"font-weight: 400;\">Why is SSL a pain now?<\/span><\/h2>\n<\/blockquote>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Higher security with frequently changing certificates<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Newly released security features are updated faster (i.e SHA1 to SHA2)<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Exposed or compromised key chains removed quicker<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The \u201ccorrect\u201d theory that if we keep changing the certificates, the site can&#8217;t be hacked<\/span><\/li>\n<\/ul>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Who?<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">In 2015 the CA\/Browser Forum voted to reduce certificate validity from 5 years to 3 years.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">In 2019 they voted again to reduce certificate validity to 1 year but the vote failed.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Apple decided independently to only allow 1 year SSL validation for Safari browsers, everyone following suite.\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Future Change<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Google is pushing for maximum 90 day SSL key expiration by the end of 2024<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">While this 3 year validity already is a nightmare for admins, a reduction to 90 days will only make things worse.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">One of the things that you do need to pay attention to when working with SSL keys is that uniformity is important as the entry is in several critical places: Internet Site Documents, Internet Ports, SMTP, LDAP, IMAP etc.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">We would not recommend changing the name since there are several places where you will need to change that name and it will create extra hustle for you.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Also, if you miss only one, the whole thing will break, meaning even more work for you with restarting the server.<\/span><\/p>[\/et_pb_text][et_pb_text quote_border_weight=&#8221;14px&#8221; quote_border_color=&#8221;#811937&#8243; _builder_version=&#8221;4.22.1&#8243; link_font=&#8221;||||||||&#8221; quote_font=&#8221;|700|||||||&#8221; quote_text_color=&#8221;#000000&#8243; quote_font_size=&#8221;18px&#8221; quote_line_height=&#8221;1.8em&#8221; header_font=&#8221;||||||||&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;25px&#8221; header_2_line_height=&#8221;1.5em&#8221; max_width=&#8221;700px&#8221; max_width_tablet=&#8221;&#8221; max_width_phone=&#8221;&#8221; max_width_last_edited=&#8221;on|tablet&#8221; header_2_font_size_tablet=&#8221;30px&#8221; header_2_font_size_phone=&#8221;15px&#8221; header_2_font_size_last_edited=&#8221;on|desktop&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221; header_font_size__hover=&#8221;30px&#8221; header_font_size__hover_enabled=&#8221;30px&#8221; header_letter_spacing__hover=&#8221;0px&#8221; header_letter_spacing__hover_enabled=&#8221;0px&#8221; header_text_shadow_style__hover=&#8221;none&#8221; header_text_shadow_style__hover_enabled=&#8221;none&#8221; header_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_2_font_size__hover=&#8221;26px&#8221; header_2_font_size__hover_enabled=&#8221;26px&#8221; header_2_letter_spacing__hover=&#8221;0px&#8221; header_2_letter_spacing__hover_enabled=&#8221;0px&#8221; header_2_line_height__hover=&#8221;1em&#8221; header_2_line_height__hover_enabled=&#8221;1em&#8221; header_2_text_shadow_style__hover=&#8221;none&#8221; header_2_text_shadow_style__hover_enabled=&#8221;none&#8221; header_2_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_2_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_3_font_size__hover=&#8221;22px&#8221; header_3_font_size__hover_enabled=&#8221;22px&#8221; header_3_letter_spacing__hover=&#8221;0px&#8221; header_3_letter_spacing__hover_enabled=&#8221;0px&#8221; header_3_line_height__hover=&#8221;1em&#8221; header_3_line_height__hover_enabled=&#8221;1em&#8221; header_3_text_shadow_style__hover=&#8221;none&#8221; header_3_text_shadow_style__hover_enabled=&#8221;none&#8221; header_3_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_3_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_4_font_size__hover=&#8221;18px&#8221; header_4_font_size__hover_enabled=&#8221;18px&#8221; header_4_letter_spacing__hover=&#8221;0px&#8221; header_4_letter_spacing__hover_enabled=&#8221;0px&#8221; header_4_line_height__hover=&#8221;1em&#8221; header_4_line_height__hover_enabled=&#8221;1em&#8221; header_4_text_shadow_style__hover=&#8221;none&#8221; header_4_text_shadow_style__hover_enabled=&#8221;none&#8221; header_4_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_4_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_5_font_size__hover=&#8221;16px&#8221; header_5_font_size__hover_enabled=&#8221;16px&#8221; header_5_letter_spacing__hover=&#8221;0px&#8221; header_5_letter_spacing__hover_enabled=&#8221;0px&#8221; header_5_line_height__hover=&#8221;1em&#8221; header_5_line_height__hover_enabled=&#8221;1em&#8221; header_5_text_shadow_style__hover=&#8221;none&#8221; header_5_text_shadow_style__hover_enabled=&#8221;none&#8221; header_5_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_5_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_6_font_size__hover=&#8221;14px&#8221; header_6_font_size__hover_enabled=&#8221;14px&#8221; header_6_letter_spacing__hover=&#8221;0px&#8221; header_6_letter_spacing__hover_enabled=&#8221;0px&#8221; header_6_line_height__hover=&#8221;1em&#8221; header_6_line_height__hover_enabled=&#8221;1em&#8221; header_6_text_shadow_style__hover=&#8221;none&#8221; header_6_text_shadow_style__hover_enabled=&#8221;none&#8221; header_6_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_6_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; text_letter_spacing__hover=&#8221;0px&#8221; text_letter_spacing__hover_enabled=&#8221;0px&#8221; text_text_shadow_style__hover=&#8221;none&#8221; text_text_shadow_style__hover_enabled=&#8221;none&#8221; text_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; text_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221;]<blockquote>\n<h2 style=\"text-align: center;\"><span style=\"font-weight: 400;\">SSL Purchase and Renewal<\/span><\/h2>\n<\/blockquote>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">There are two ways to acquire an SSL for Domino: you can either use Domino&#8217;s built-in Let\u2019s Encrypt or you can purchase an SSL from a third-party provider. Each of those has its own pluses and minuses.\u00a0<\/span><\/p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h3><span style=\"font-weight: 400;\">Let\u2019s Encrypt<\/span><\/h3>[\/et_pb_text][et_pb_image src=&#8221;https:\/\/www.prominic.net\/wp-content\/uploads\/2023\/09\/SSL_1.png&#8221; alt=&#8221;Let&#8217;s Encrypt&#8221; title_text=&#8221;SSL_1&#8243; align=&#8221;center&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h3><span style=\"font-weight: 400;\">Paid Certificate<\/span><\/h3>[\/et_pb_text][et_pb_image src=&#8221;https:\/\/www.prominic.net\/wp-content\/uploads\/2023\/09\/SSL_2.png&#8221; alt=&#8221;Paid Certificate&#8221; title_text=&#8221;SSL_2&#8243; align=&#8221;center&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text quote_border_weight=&#8221;14px&#8221; quote_border_color=&#8221;#811937&#8243; _builder_version=&#8221;4.22.1&#8243; link_font=&#8221;||||||||&#8221; quote_font=&#8221;|700|||||||&#8221; quote_text_color=&#8221;#000000&#8243; quote_font_size=&#8221;18px&#8221; quote_line_height=&#8221;1.8em&#8221; header_font=&#8221;||||||||&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;25px&#8221; header_2_line_height=&#8221;1.5em&#8221; max_width=&#8221;700px&#8221; max_width_tablet=&#8221;&#8221; max_width_phone=&#8221;&#8221; max_width_last_edited=&#8221;on|tablet&#8221; header_2_font_size_tablet=&#8221;30px&#8221; header_2_font_size_phone=&#8221;15px&#8221; header_2_font_size_last_edited=&#8221;on|desktop&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221; header_font_size__hover=&#8221;30px&#8221; header_font_size__hover_enabled=&#8221;30px&#8221; header_letter_spacing__hover=&#8221;0px&#8221; header_letter_spacing__hover_enabled=&#8221;0px&#8221; header_text_shadow_style__hover=&#8221;none&#8221; header_text_shadow_style__hover_enabled=&#8221;none&#8221; header_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_2_font_size__hover=&#8221;26px&#8221; header_2_font_size__hover_enabled=&#8221;26px&#8221; header_2_letter_spacing__hover=&#8221;0px&#8221; header_2_letter_spacing__hover_enabled=&#8221;0px&#8221; header_2_line_height__hover=&#8221;1em&#8221; header_2_line_height__hover_enabled=&#8221;1em&#8221; header_2_text_shadow_style__hover=&#8221;none&#8221; header_2_text_shadow_style__hover_enabled=&#8221;none&#8221; header_2_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_2_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_3_font_size__hover=&#8221;22px&#8221; header_3_font_size__hover_enabled=&#8221;22px&#8221; header_3_letter_spacing__hover=&#8221;0px&#8221; header_3_letter_spacing__hover_enabled=&#8221;0px&#8221; header_3_line_height__hover=&#8221;1em&#8221; header_3_line_height__hover_enabled=&#8221;1em&#8221; header_3_text_shadow_style__hover=&#8221;none&#8221; header_3_text_shadow_style__hover_enabled=&#8221;none&#8221; header_3_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_3_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_4_font_size__hover=&#8221;18px&#8221; header_4_font_size__hover_enabled=&#8221;18px&#8221; header_4_letter_spacing__hover=&#8221;0px&#8221; header_4_letter_spacing__hover_enabled=&#8221;0px&#8221; header_4_line_height__hover=&#8221;1em&#8221; header_4_line_height__hover_enabled=&#8221;1em&#8221; header_4_text_shadow_style__hover=&#8221;none&#8221; header_4_text_shadow_style__hover_enabled=&#8221;none&#8221; header_4_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_4_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_5_font_size__hover=&#8221;16px&#8221; header_5_font_size__hover_enabled=&#8221;16px&#8221; header_5_letter_spacing__hover=&#8221;0px&#8221; header_5_letter_spacing__hover_enabled=&#8221;0px&#8221; header_5_line_height__hover=&#8221;1em&#8221; header_5_line_height__hover_enabled=&#8221;1em&#8221; header_5_text_shadow_style__hover=&#8221;none&#8221; header_5_text_shadow_style__hover_enabled=&#8221;none&#8221; header_5_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_5_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_6_font_size__hover=&#8221;14px&#8221; header_6_font_size__hover_enabled=&#8221;14px&#8221; header_6_letter_spacing__hover=&#8221;0px&#8221; header_6_letter_spacing__hover_enabled=&#8221;0px&#8221; header_6_line_height__hover=&#8221;1em&#8221; header_6_line_height__hover_enabled=&#8221;1em&#8221; header_6_text_shadow_style__hover=&#8221;none&#8221; header_6_text_shadow_style__hover_enabled=&#8221;none&#8221; header_6_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_6_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; text_letter_spacing__hover=&#8221;0px&#8221; text_letter_spacing__hover_enabled=&#8221;0px&#8221; text_text_shadow_style__hover=&#8221;none&#8221; text_text_shadow_style__hover_enabled=&#8221;none&#8221; text_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; text_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221;]<blockquote>\n<h2 style=\"text-align: center;\"><span style=\"font-weight: 400;\">Purchased SSLs<\/span><\/h2>\n<\/blockquote>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h3 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Where to buy SSL keys:<\/span><\/h3>\n<p style=\"text-align: justify;\"><b>DNS Registrar<\/b><\/p>\n<p style=\"text-align: justify;\"><b><\/b><\/p>\n<ul>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can install keys for you if site is hosted by them<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Generates the .csr and .key for you. The .key is very important since that is the thing you will need to generate all your certificates. So, if you request it they will put it on your website and you can take it and put it on your Domino server. So, make sure you get that .key because it\u2019s important.<\/span><\/li>\n<\/ul>\n<p><b>SSL Specialty Sites<\/b><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can purchase multi-year for cheaper (SSL still expires in one year). A note here, it will still expire after one year; you will need to click the Approval button again.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can pay extra for installation assistance<\/span><\/li>\n<\/ul>\n<p><b>Managed Hosting Providers<\/b><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Handles the whole process for extra cost<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Receive certificates in all formats needed<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can Install on Domino environment for you<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\"><\/span><\/p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h3><span style=\"font-weight: 400;\">Generating your .csr and .key<\/span><\/h3>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h4 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Server Certificate Administration<\/span><\/h4>\n<p><span style=\"font-weight: 400;\"><\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">We would not recommend you use this for the following reasons:<\/span><\/p>\n<p style=\"text-align: justify;\">\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Does not support key size above 2048<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Keyfile.key buried in Domino server<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Template not available on modern Domino installations<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">OpenSSL<\/span><\/p>\n<p style=\"text-align: justify;\">\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Continuously updated<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Supports key size 4096<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can generate .kyr as well as convert certs to .pfx .p12 ect<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Knowledgebase article:<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><a href=\"https:\/\/support.hcltechsw.com\/csm?id=kb_article&amp;sysparm_article=KB0073175\"><span style=\"font-weight: 400;\">https:\/\/support.hcltechsw.com\/csm?id=kb_article&amp;sysparm_article=KB0073175<\/span><\/a><span style=\"font-weight: 400;\">\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h3 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Consistent Validation<\/span><\/h3>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Here is a pro tip from us in order to make your life easier: set up a mail-in database with just the basics because every paid version of SSL will ask you for an email adress. That way you don\u2019t have to worry about people leaving, changing their emails etc. You don\u2019t get a choice in who you put input it pulls from the Whois document so it pulls it from the technical contact for example. So in order to avoid any trouble just use a generic one mailing database to get your mail validation.<\/span><\/p>\n<p style=\"text-align: justify;\">\n<ul>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Stop the headache of single user validation<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">People leave, emails change<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Streamline validation with a generic email and mail-in database<\/span><\/li>\n<\/ul>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h4 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Installation Of Purchased Key Domino 9-11<\/span><\/h4>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Notes 9.0.1.3 to 11 can utilize the keyring\/kyrtool <\/span><a href=\"https:\/\/support.hcltechsw.com\/csm?id=kb_article&amp;sysparm_article=KB0073172\"><span style=\"font-weight: 400;\">https:\/\/support.hcltechsw.com\/csm?id=kb_article&amp;sysparm_article=KB0073172<\/span><\/a><span style=\"font-weight: 400;\">\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Command line tool to view, create and import certificates to .kyr format<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Kyrtool installs with Notes 11 out of the box<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Notes\/Domino 12 switch to Certificate Manager!<\/span><\/li>\n<\/ul>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h4 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Certificate Manager<\/span><\/h4>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">The introduction of Cert Manager meant no more .kyr if you don\u2019t want to.<\/span><\/p>\n<p style=\"text-align: justify;\">\n<ul>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Certificate Manager can import .pem, .p12 and .pfx formatted keys<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Simple as copy\/pasting certificates in .pem format on a notepad and upload<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Replicated DOMAIN WIDE! Huge deal for when 90 day keys are implemented for wildcard certificates.<\/span><\/li>\n<\/ul>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_image src=&#8221;https:\/\/www.prominic.net\/wp-content\/uploads\/2023\/09\/SSL_3.png&#8221; alt=&#8221;Cert Manager&#8221; title_text=&#8221;SSL_3&#8243; align=&#8221;center&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_image src=&#8221;https:\/\/www.prominic.net\/wp-content\/uploads\/2023\/09\/SSL_4.png&#8221; title_text=&#8221;SSL_4&#8243; align=&#8221;center&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h3 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Let\u2019s Encrypt!<\/span><\/h3>\n<p style=\"text-align: justify;\">\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Automated certificate management for Domino 10 and 11<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Two part streamlined installation on OS and Domino<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Supports Linux and Windows OS<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">DSAPI filter entry required on Internet Site document<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Requires program document and http restart to update certificate chain<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Certificates stored in data directory as .kyr\/.sth<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Server restart usually clears any renewal errors<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Test connection with staging setting before automating<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Certificate requests are limited and you will get timed out!<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\n<h4 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">\u00a0Certificate Manager<\/span><\/h4>\n<p style=\"text-align: justify;\">\n<ul>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Native automated certificate management for Domino 12<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">One line Administrator command for installation<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">\u201cload certmgr\u201d<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">DSAPI filter entry required on Internet Site document<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Requires a server task entry to ensure the task runs on startup<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Set config ServerTasks=Replica,Router,Update,Amgr,Adminp,Sched,CalConn,RnRMgr,HTTP,LDAP,Certmgr<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Replicated DOMAIN WIDE! Huge deal for if 90 day keys are implemented<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Note: TLS credentials cannot be exported. The .key is encrypted<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Workaround in Domino V12 Certificate Management slides linked at the end<\/span><\/li>\n<\/ul>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_text quote_border_weight=&#8221;14px&#8221; quote_border_color=&#8221;#811937&#8243; _builder_version=&#8221;4.22.1&#8243; link_font=&#8221;||||||||&#8221; quote_font=&#8221;|700|||||||&#8221; quote_text_color=&#8221;#000000&#8243; quote_font_size=&#8221;18px&#8221; quote_line_height=&#8221;1.8em&#8221; header_font=&#8221;||||||||&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;25px&#8221; header_2_line_height=&#8221;1.5em&#8221; max_width=&#8221;700px&#8221; max_width_tablet=&#8221;&#8221; max_width_phone=&#8221;&#8221; max_width_last_edited=&#8221;on|tablet&#8221; header_2_font_size_tablet=&#8221;30px&#8221; header_2_font_size_phone=&#8221;15px&#8221; header_2_font_size_last_edited=&#8221;on|desktop&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221; header_font_size__hover=&#8221;30px&#8221; header_font_size__hover_enabled=&#8221;30px&#8221; header_letter_spacing__hover=&#8221;0px&#8221; header_letter_spacing__hover_enabled=&#8221;0px&#8221; header_text_shadow_style__hover=&#8221;none&#8221; header_text_shadow_style__hover_enabled=&#8221;none&#8221; header_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_2_font_size__hover=&#8221;26px&#8221; header_2_font_size__hover_enabled=&#8221;26px&#8221; header_2_letter_spacing__hover=&#8221;0px&#8221; header_2_letter_spacing__hover_enabled=&#8221;0px&#8221; header_2_line_height__hover=&#8221;1em&#8221; header_2_line_height__hover_enabled=&#8221;1em&#8221; header_2_text_shadow_style__hover=&#8221;none&#8221; header_2_text_shadow_style__hover_enabled=&#8221;none&#8221; header_2_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_2_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_3_font_size__hover=&#8221;22px&#8221; header_3_font_size__hover_enabled=&#8221;22px&#8221; header_3_letter_spacing__hover=&#8221;0px&#8221; header_3_letter_spacing__hover_enabled=&#8221;0px&#8221; header_3_line_height__hover=&#8221;1em&#8221; header_3_line_height__hover_enabled=&#8221;1em&#8221; header_3_text_shadow_style__hover=&#8221;none&#8221; header_3_text_shadow_style__hover_enabled=&#8221;none&#8221; header_3_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_3_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_4_font_size__hover=&#8221;18px&#8221; header_4_font_size__hover_enabled=&#8221;18px&#8221; header_4_letter_spacing__hover=&#8221;0px&#8221; header_4_letter_spacing__hover_enabled=&#8221;0px&#8221; header_4_line_height__hover=&#8221;1em&#8221; header_4_line_height__hover_enabled=&#8221;1em&#8221; header_4_text_shadow_style__hover=&#8221;none&#8221; header_4_text_shadow_style__hover_enabled=&#8221;none&#8221; header_4_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_4_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_5_font_size__hover=&#8221;16px&#8221; header_5_font_size__hover_enabled=&#8221;16px&#8221; header_5_letter_spacing__hover=&#8221;0px&#8221; header_5_letter_spacing__hover_enabled=&#8221;0px&#8221; header_5_line_height__hover=&#8221;1em&#8221; header_5_line_height__hover_enabled=&#8221;1em&#8221; header_5_text_shadow_style__hover=&#8221;none&#8221; header_5_text_shadow_style__hover_enabled=&#8221;none&#8221; header_5_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_5_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_6_font_size__hover=&#8221;14px&#8221; header_6_font_size__hover_enabled=&#8221;14px&#8221; header_6_letter_spacing__hover=&#8221;0px&#8221; header_6_letter_spacing__hover_enabled=&#8221;0px&#8221; header_6_line_height__hover=&#8221;1em&#8221; header_6_line_height__hover_enabled=&#8221;1em&#8221; header_6_text_shadow_style__hover=&#8221;none&#8221; header_6_text_shadow_style__hover_enabled=&#8221;none&#8221; header_6_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_6_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; text_letter_spacing__hover=&#8221;0px&#8221; text_letter_spacing__hover_enabled=&#8221;0px&#8221; text_text_shadow_style__hover=&#8221;none&#8221; text_text_shadow_style__hover_enabled=&#8221;none&#8221; text_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; text_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221;]<blockquote>\n<h2 style=\"text-align: center;\"><span style=\"font-weight: 400;\">Cipher Security by Domino Version<\/span><\/h2>\n<\/blockquote>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h3 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">SSL Labs<\/span><\/h3>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">It\u2019s a fantastic free tool for testing your site security which you can use for checking:\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Certificate Chain<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">TLS Protocols Enabled<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Ciphers<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Handshake Simulation<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">You can find this great tool here: <\/span><a href=\"https:\/\/www.ssllabs.com\/ssltest\"><span style=\"font-weight: 400;\">https:\/\/www.ssllabs.com\/ssltest<\/span><\/a><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Here are the results of a scan performed by us. You can see that things can be improved.<\/span><\/p>[\/et_pb_text][et_pb_image src=&#8221;https:\/\/www.prominic.net\/wp-content\/uploads\/2023\/09\/SSL_5.png&#8221; alt=&#8221;SSl Labs Report&#8221; title_text=&#8221;SSL_5&#8243; align=&#8221;center&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Once we selected them all, this is what came out on Domino 12.0.1; it depreciated all the old ciphers except for 4.<\/span><\/p>[\/et_pb_text][et_pb_image src=&#8221;https:\/\/www.prominic.net\/wp-content\/uploads\/2023\/09\/SSL_6.png&#8221; alt=&#8221;SSL Labs Report&#8221; title_text=&#8221;SSL_6&#8243; align=&#8221;center&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Also good to know is that Domino 12.0.2 deprecated most weak\/outdated ciphers and\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Domino 12 disables TLS 1.0 by default.<\/span><\/p>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">If you have made all changes but are still receiving an A in SSL Labs, HSTS is the answer! It was added on version 9.0.1 FP3 IF2.<\/span><\/p>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">This protocol is used to prevent man-in-the-middle attacks, downgrade attacks and cookie hijacking but it\u2019s implementation comes with an error preventing that coveted A+<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">To resolve, add HTTP_HSTS_MAX_AGE=63072000 and HTTP_HSTS_INCLUDE_SUBDOMAINS=1 (for extra security) to the notes.ini.<\/span><\/p>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Check out Darren\u2019s blog for more info:<\/span><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/blog.darrenduke.net\/darren\/ddbz.nsf\/dx\/domino-adds-hsts-to-its-security-arsenal.htm\"><span style=\"font-weight: 400;\">https:\/\/blog.darrenduke.net\/darren\/ddbz.nsf\/dx\/domino-adds-hsts-to-its-security-arsenal.htm<\/span><\/a><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">One other note is that TLS 1.3 is currently not supported by any version of Domino.\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">HCL has stated it is on the roadmap,but we have no current release date as of now.<\/span><\/p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_text quote_border_weight=&#8221;14px&#8221; quote_border_color=&#8221;#811937&#8243; _builder_version=&#8221;4.22.1&#8243; link_font=&#8221;||||||||&#8221; quote_font=&#8221;|700|||||||&#8221; quote_text_color=&#8221;#000000&#8243; quote_font_size=&#8221;18px&#8221; quote_line_height=&#8221;1.8em&#8221; header_font=&#8221;||||||||&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;25px&#8221; header_2_line_height=&#8221;1.5em&#8221; max_width=&#8221;700px&#8221; max_width_tablet=&#8221;&#8221; max_width_phone=&#8221;&#8221; max_width_last_edited=&#8221;on|tablet&#8221; header_2_font_size_tablet=&#8221;30px&#8221; header_2_font_size_phone=&#8221;15px&#8221; header_2_font_size_last_edited=&#8221;on|desktop&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221; header_font_size__hover=&#8221;30px&#8221; header_font_size__hover_enabled=&#8221;30px&#8221; header_letter_spacing__hover=&#8221;0px&#8221; header_letter_spacing__hover_enabled=&#8221;0px&#8221; header_text_shadow_style__hover=&#8221;none&#8221; header_text_shadow_style__hover_enabled=&#8221;none&#8221; header_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_2_font_size__hover=&#8221;26px&#8221; header_2_font_size__hover_enabled=&#8221;26px&#8221; header_2_letter_spacing__hover=&#8221;0px&#8221; header_2_letter_spacing__hover_enabled=&#8221;0px&#8221; header_2_line_height__hover=&#8221;1em&#8221; header_2_line_height__hover_enabled=&#8221;1em&#8221; header_2_text_shadow_style__hover=&#8221;none&#8221; header_2_text_shadow_style__hover_enabled=&#8221;none&#8221; header_2_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_2_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_3_font_size__hover=&#8221;22px&#8221; header_3_font_size__hover_enabled=&#8221;22px&#8221; header_3_letter_spacing__hover=&#8221;0px&#8221; header_3_letter_spacing__hover_enabled=&#8221;0px&#8221; header_3_line_height__hover=&#8221;1em&#8221; header_3_line_height__hover_enabled=&#8221;1em&#8221; header_3_text_shadow_style__hover=&#8221;none&#8221; header_3_text_shadow_style__hover_enabled=&#8221;none&#8221; header_3_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_3_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_4_font_size__hover=&#8221;18px&#8221; header_4_font_size__hover_enabled=&#8221;18px&#8221; header_4_letter_spacing__hover=&#8221;0px&#8221; header_4_letter_spacing__hover_enabled=&#8221;0px&#8221; header_4_line_height__hover=&#8221;1em&#8221; header_4_line_height__hover_enabled=&#8221;1em&#8221; header_4_text_shadow_style__hover=&#8221;none&#8221; header_4_text_shadow_style__hover_enabled=&#8221;none&#8221; header_4_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_4_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_5_font_size__hover=&#8221;16px&#8221; header_5_font_size__hover_enabled=&#8221;16px&#8221; header_5_letter_spacing__hover=&#8221;0px&#8221; header_5_letter_spacing__hover_enabled=&#8221;0px&#8221; header_5_line_height__hover=&#8221;1em&#8221; header_5_line_height__hover_enabled=&#8221;1em&#8221; header_5_text_shadow_style__hover=&#8221;none&#8221; header_5_text_shadow_style__hover_enabled=&#8221;none&#8221; header_5_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_5_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; header_6_font_size__hover=&#8221;14px&#8221; header_6_font_size__hover_enabled=&#8221;14px&#8221; header_6_letter_spacing__hover=&#8221;0px&#8221; header_6_letter_spacing__hover_enabled=&#8221;0px&#8221; header_6_line_height__hover=&#8221;1em&#8221; header_6_line_height__hover_enabled=&#8221;1em&#8221; header_6_text_shadow_style__hover=&#8221;none&#8221; header_6_text_shadow_style__hover_enabled=&#8221;none&#8221; header_6_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; header_6_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221; text_letter_spacing__hover=&#8221;0px&#8221; text_letter_spacing__hover_enabled=&#8221;0px&#8221; text_text_shadow_style__hover=&#8221;none&#8221; text_text_shadow_style__hover_enabled=&#8221;none&#8221; text_text_shadow_color__hover=&#8221;rgba(0,0,0,0.4)&#8221; text_text_shadow_color__hover_enabled=&#8221;rgba(0,0,0,0.4)&#8221;]<blockquote>\n<h2 style=\"text-align: center;\"><span style=\"font-weight: 400;\">Bonus Tips!<\/span><\/h2>\n<\/blockquote>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">If after you have checked and cleaned up your ciphers you still get this error:<\/span><\/p>[\/et_pb_text][et_pb_image src=&#8221;https:\/\/www.prominic.net\/wp-content\/uploads\/2023\/09\/SSL_7.png&#8221; title_text=&#8221;SSL_7&#8243; align=&#8221;center&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<p><span style=\"font-weight: 400;\">Make sure you check the hidden views because most likely that is where the trouble is.<\/span><\/p>\n<p style=\"text-align: justify;\">\n<p><span style=\"font-weight: 400;\">So, Configuration \u2192 Current Server Document to disable Internet Site Documents then save<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Ports \u2192 Internet Ports \u2192 TLS Ciphers<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">To achieve an A+ in SSL Labs disable all but the top four.<\/span><\/p>[\/et_pb_text][et_pb_image src=&#8221;https:\/\/www.prominic.net\/wp-content\/uploads\/2023\/09\/SSL_8.png&#8221; title_text=&#8221;SSL_8&#8243; align=&#8221;center&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h3><span style=\"font-weight: 400;\">Certmgr \u2013 Port 80 Error<\/span><\/h3>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Certmgr auto renewal requires port 80 to be open<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Settings that redirect traffic to 443 will break this process<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Setting Anonymous access to no will also break auto renewal<\/span><\/li>\n<\/ul>[\/et_pb_text][et_pb_image src=&#8221;https:\/\/www.prominic.net\/wp-content\/uploads\/2023\/09\/SSL_9.png&#8221; title_text=&#8221;SSL_9&#8243; align=&#8221;center&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h3 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Utilizing A Purchased SSL Key For Nomad<\/span><\/h3>\n<p style=\"text-align: justify;\">\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">As of Domino 12.0.1FP1, HCL Nomad can be installed directly on the Domino server instance<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">During the initial set up, Nomad will look for\/install Certmgr and create a nomad.&lt;yourdomain&gt;.com entry<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">To utilize your own purchased certificate, install Certmgr and set up nomad.&lt;yourdomain&gt;.com prior to installation.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">This is not a requirement just a way to skip the extra step of having to modify\/recreate the entry<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\n<h3 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Ciphers Not Updating After HTTP Restart<\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">If no matter what you change your Domino ciphers to does not reflect in SSL Labs,\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Check for proxy and passthru servers in the environment that may be handling Encrypting the traffic.<\/span><\/p>[\/et_pb_text][et_pb_image src=&#8221;https:\/\/www.prominic.net\/wp-content\/uploads\/2023\/09\/SSL_10.png&#8221; title_text=&#8221;SSL_10&#8243; align=&#8221;center&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<h3 style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Certificate Manager Renewal Deterred by Redirects<\/span><\/h3>\n<p style=\"text-align: justify;\">\n<ul>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Redirect Rules can interfere with certmgr renewal, throwing a port 80 connection error<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Workaround \u2013 Temporarily disable Internet Site Documents \u2192 restart http \u2192 re-run the renewal<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Yes, this will break the auto-renew feature while the redirect is in place<\/span><\/li>\n<\/ul>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<p><span style=\"font-weight: 400;\">We recommend you also watch the recording of Avery\u2019s presentation, it\u2019s filled with lots of fun and animal images. \ud83d\ude42<\/span><\/p>[\/et_pb_text][et_pb_video src=&#8221;https:\/\/vimeo.com\/manage\/videos\/861502874&#8243; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_video][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; min_height=&#8221;478.7px&#8221;][et_pb_column _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; type=&#8221;4_4&#8243;][et_pb_video src=&#8221;https:\/\/vimeo.com\/861502874?share=copy&#8221; _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;][\/et_pb_video][et_pb_text _builder_version=&#8221;4.22.1&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">For any of your SSL trouble, Prominic is just an email away, so<\/span><a href=\"mailto:sales@prominic.net\"><span style=\"font-weight: 400;\"> let\u2019s talk and see how we can help you.<\/span><\/a><\/p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]\n","protected":false},"excerpt":{"rendered":"<p>With the industry standard limiting SSL\/TLS certificates to a one year expiration date, a streamlined approach is needed now more than ever to keep your sites secure. At\u00a0 Collabsphere \u00a02023, our very own Avery Shaffer did a great presentation on SSL implementation and renewal so let\u2019s explore the key point of it. Why is SSL [&hellip;]<\/p>\n","protected":false},"author":27,"featured_media":243337,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[142,151],"tags":[],"class_list":["post-243318","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-compliance","category-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v23.3 (Yoast SEO v23.3) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Domino SSL Implementation and Renewal: A Survivor&#039;s Guide - Prominic.NET<\/title>\n<meta name=\"description\" content=\"Ensure secure data transmission with our expert Domino SSL implementation and renewal services.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Domino SSL Implementation and Renewal: A Survivor&#039;s Guide\" \/>\n<meta property=\"og:description\" content=\"Ensure secure data transmission with our expert Domino SSL implementation and renewal services.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/\" \/>\n<meta property=\"og:site_name\" content=\"Prominic.NET\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Prominic\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-21T10:49:35+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-09-22T11:03:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2023\/09\/SSL-Implementation-Featured-Image.png\" \/>\n\t<meta property=\"og:image:width\" content=\"900\" \/>\n\t<meta property=\"og:image:height\" content=\"450\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Raluca Robu\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@prominic\" \/>\n<meta name=\"twitter:site\" content=\"@prominic\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Raluca Robu\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/\"},\"author\":{\"name\":\"Raluca Robu\",\"@id\":\"https:\/\/wordpress.prominic.net\/#\/schema\/person\/0a78f34551bd83590cb250875be1cb94\"},\"headline\":\"Domino SSL Implementation and Renewal: A Survivor&#8217;s Guide\",\"datePublished\":\"2023-09-21T10:49:35+00:00\",\"dateModified\":\"2023-09-22T11:03:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/\"},\"wordCount\":4576,\"publisher\":{\"@id\":\"https:\/\/wordpress.prominic.net\/#organization\"},\"image\":{\"@id\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2023\/09\/SSL-Implementation-Featured-Image.png\",\"articleSection\":[\"Compliance\",\"Cybersecurity | Blog\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/\",\"url\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/\",\"name\":\"Domino SSL Implementation and Renewal: A Survivor's Guide - Prominic.NET\",\"isPartOf\":{\"@id\":\"https:\/\/wordpress.prominic.net\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2023\/09\/SSL-Implementation-Featured-Image.png\",\"datePublished\":\"2023-09-21T10:49:35+00:00\",\"dateModified\":\"2023-09-22T11:03:16+00:00\",\"description\":\"Ensure secure data transmission with our expert Domino SSL implementation and renewal services.\",\"breadcrumb\":{\"@id\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#primaryimage\",\"url\":\"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2023\/09\/SSL-Implementation-Featured-Image.png\",\"contentUrl\":\"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2023\/09\/SSL-Implementation-Featured-Image.png\",\"width\":900,\"height\":450},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/wordpress.prominic.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Domino SSL Implementation and Renewal: A Survivor&#8217;s Guide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/wordpress.prominic.net\/#website\",\"url\":\"https:\/\/wordpress.prominic.net\/\",\"name\":\"Prominic.NET\",\"description\":\"Own Your Data Hosted by Prominic\",\"publisher\":{\"@id\":\"https:\/\/wordpress.prominic.net\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/wordpress.prominic.net\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/wordpress.prominic.net\/#organization\",\"name\":\"Prominic.NET\",\"alternateName\":\"Prominic\",\"url\":\"https:\/\/wordpress.prominic.net\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/wordpress.prominic.net\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2021\/05\/Prominic-logo-transparent.jpg\",\"contentUrl\":\"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2021\/05\/Prominic-logo-transparent.jpg\",\"width\":900,\"height\":371,\"caption\":\"Prominic.NET\"},\"image\":{\"@id\":\"https:\/\/wordpress.prominic.net\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Prominic\/\",\"https:\/\/x.com\/prominic\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/wordpress.prominic.net\/#\/schema\/person\/0a78f34551bd83590cb250875be1cb94\",\"name\":\"Raluca Robu\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/wordpress.prominic.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/3f7a4f9c84492e861ac22eb4cc8f5676?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/3f7a4f9c84492e861ac22eb4cc8f5676?s=96&d=mm&r=g\",\"caption\":\"Raluca Robu\"},\"url\":\"https:\/\/wordpress.prominic.net\/author\/raluca\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Domino SSL Implementation and Renewal: A Survivor's Guide - Prominic.NET","description":"Ensure secure data transmission with our expert Domino SSL implementation and renewal services.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/","og_locale":"en_US","og_type":"article","og_title":"Domino SSL Implementation and Renewal: A Survivor's Guide","og_description":"Ensure secure data transmission with our expert Domino SSL implementation and renewal services.","og_url":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/","og_site_name":"Prominic.NET","article_publisher":"https:\/\/www.facebook.com\/Prominic\/","article_published_time":"2023-09-21T10:49:35+00:00","article_modified_time":"2023-09-22T11:03:16+00:00","og_image":[{"width":900,"height":450,"url":"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2023\/09\/SSL-Implementation-Featured-Image.png","type":"image\/png"}],"author":"Raluca Robu","twitter_card":"summary_large_image","twitter_creator":"@prominic","twitter_site":"@prominic","twitter_misc":{"Written by":"Raluca Robu","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#article","isPartOf":{"@id":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/"},"author":{"name":"Raluca Robu","@id":"https:\/\/wordpress.prominic.net\/#\/schema\/person\/0a78f34551bd83590cb250875be1cb94"},"headline":"Domino SSL Implementation and Renewal: A Survivor&#8217;s Guide","datePublished":"2023-09-21T10:49:35+00:00","dateModified":"2023-09-22T11:03:16+00:00","mainEntityOfPage":{"@id":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/"},"wordCount":4576,"publisher":{"@id":"https:\/\/wordpress.prominic.net\/#organization"},"image":{"@id":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#primaryimage"},"thumbnailUrl":"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2023\/09\/SSL-Implementation-Featured-Image.png","articleSection":["Compliance","Cybersecurity | Blog"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/","url":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/","name":"Domino SSL Implementation and Renewal: A Survivor's Guide - Prominic.NET","isPartOf":{"@id":"https:\/\/wordpress.prominic.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#primaryimage"},"image":{"@id":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#primaryimage"},"thumbnailUrl":"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2023\/09\/SSL-Implementation-Featured-Image.png","datePublished":"2023-09-21T10:49:35+00:00","dateModified":"2023-09-22T11:03:16+00:00","description":"Ensure secure data transmission with our expert Domino SSL implementation and renewal services.","breadcrumb":{"@id":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#primaryimage","url":"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2023\/09\/SSL-Implementation-Featured-Image.png","contentUrl":"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2023\/09\/SSL-Implementation-Featured-Image.png","width":900,"height":450},{"@type":"BreadcrumbList","@id":"https:\/\/wordpress.prominic.net\/domino-ssl-implementation-and-renewal-a-survivors-guide\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/wordpress.prominic.net\/"},{"@type":"ListItem","position":2,"name":"Domino SSL Implementation and Renewal: A Survivor&#8217;s Guide"}]},{"@type":"WebSite","@id":"https:\/\/wordpress.prominic.net\/#website","url":"https:\/\/wordpress.prominic.net\/","name":"Prominic.NET","description":"Own Your Data Hosted by Prominic","publisher":{"@id":"https:\/\/wordpress.prominic.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/wordpress.prominic.net\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/wordpress.prominic.net\/#organization","name":"Prominic.NET","alternateName":"Prominic","url":"https:\/\/wordpress.prominic.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/wordpress.prominic.net\/#\/schema\/logo\/image\/","url":"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2021\/05\/Prominic-logo-transparent.jpg","contentUrl":"https:\/\/wordpress.prominic.net\/wp-content\/uploads\/2021\/05\/Prominic-logo-transparent.jpg","width":900,"height":371,"caption":"Prominic.NET"},"image":{"@id":"https:\/\/wordpress.prominic.net\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Prominic\/","https:\/\/x.com\/prominic"]},{"@type":"Person","@id":"https:\/\/wordpress.prominic.net\/#\/schema\/person\/0a78f34551bd83590cb250875be1cb94","name":"Raluca Robu","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/wordpress.prominic.net\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/3f7a4f9c84492e861ac22eb4cc8f5676?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3f7a4f9c84492e861ac22eb4cc8f5676?s=96&d=mm&r=g","caption":"Raluca Robu"},"url":"https:\/\/wordpress.prominic.net\/author\/raluca\/"}]}},"_links":{"self":[{"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/posts\/243318"}],"collection":[{"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/comments?post=243318"}],"version-history":[{"count":6,"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/posts\/243318\/revisions"}],"predecessor-version":[{"id":243338,"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/posts\/243318\/revisions\/243338"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/media\/243337"}],"wp:attachment":[{"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/media?parent=243318"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/categories?post=243318"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wordpress.prominic.net\/wp-json\/wp\/v2\/tags?post=243318"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}