You can configure Domino to connect to services that use custom certificates that are external to the Domino cluster. In addition to public services like AWS S3, you might want to use private services in your security domain that are secured with custom certificates or a custom certificate authority.
The following are examples of private services:
-
Docker registry
-
Git server
-
S3 service
-
LDAPs
-
OIDC
-
Data sources
Domino recommends that you add certificates for private services to the installation configuration file (domino.yml) as described in this topic. This ensures that Domino propagates the certificates throughout the system and maintains them, even when you upgrade Domino.
|
Note
|
If you add custom certificates to etc/ssl/certs in a compute environment, the system overwrites them at runtime. If you cannot use Domino’s recommended method or must configure the certificates for a specific compute environment, see Configure Certificates for A Specific Compute Environment.
|
The topics in this section explain how to work with custom certificates: