My Cross Certifying Problem on Domino

Domino Forever

I thought I had done everything right when I cross certified my local Domino server with my IBM SmartCloud Domino server. But something was still not working!

I have installed a Domino server locally on my computer. I use this to be able to develop and test Domino solutions, without having to worry about being online all the time, as well as doing things that really shouldn’t be done in a production environment. I already had a Notes client installed, which is connected to IBM Cloud for my mail and calendar, with its own user and id file.

On the local Domino server, I created an environment, with a new user for me (and an id file) for testing and development. At the same time, I wanted to cross certify my cloud user so that I wouldn’t have to switch user every time I wanted to access and work with the apps on my local Domino-server.

Since it was a long time since the last time I had done such a cross certification, I found the manual and step by step guidelines for doing so at IBM’s web site. I followed them to the letter.

After that, I added the cloud user to the local Domino servers admin group in names.nsf, so that it would have administrator privileges. So far so good, or so I thought. Because when I tried to access the a local Domino application with my cloud user, I got the following message:

Certification error

Now, as you can see in the message, I would still be able to access the server and the application. But this appeared every time I tried to access local applications, so it was annoying. I then restarted my Notes client, and now this only happened the first time I accessed an application on the local server. After the message had appeared once, it would not appear again during that session. But next time I restarted the Notes client, it would appear again, but just once.

Paul Withers has written a fab blog posting about working with a local Domino server, but unfortunately it didn’t solve this particular problem.

Since I have no way to access the address book for my Cloud environment, I thought I was stuck with this. But then David Hablewitz sent me a link to this article. The article basically told me to check if I had an already existing certification entry for the local Domino server with the same name in my local names.nsf.

You can check this by opening your local Contacts application, click Advanded in the left menu and then find the menu item Certificates:



And I did find it there! I had completely forgotten that the last time I installed a local Domino server, I gave it the same name as the new one. And of course, when I uninstalled it, I did not go into my local address book to delete it’s certificate entry. So my Notes client was trying to use the preexisting cross certificate instead of the new one.

Once I deleted the old one, everything was hunky dory! Because the next time I was accessing a local Notes application, it asked me if I wanted to cross certify, I replied Yes, and then the question never appeared again. Just as it should be!

And once again we proved how valuable the documentation on IBM’s web site can be, and how we IBM Champions stick up for each other and help each other out.

I hope this was useful to some of you. Or do you have any questions? Let me know in the comments below!


2 thoughts on “My Cross Certifying Problem on Domino”

  1. I love you! Thanks for writing this, I had the same thing working an lab server. Yup, named it the same thing and did not even think about it if I ever had before.

Leave a Reply to Keith Brooks Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.