Security – IBM exam 722
These questions are derived from the Self Test Software Practice Test for IBM exam #722 – IBM Lotus Notes Domino 7 Managing Servers and Users.
SubObjective: Configuring SSL on a Server
Single Answer, Multiple Choice
Linda is using the Domino Administrator to create the CA key ring file. Where will the key ring file be stored, by default?
- In the Certificate Authority database
- In the Domino Directory database
- In the Issued Certificate List database
- In the data directory of the Domino Administrator client
D. In the data directory of the Domino Administrator client
When the Domino Administrator client is used to create a key ring file, the file is stored in the data directory of the Domino Administrator client by default.
A key ring file, containing a server certificate from an Internet certificate authority, is required before SSL can be enabled on a Domino server. A key ring file is a binary, password-protected file that stores the server certificate and trusted root certificates. The server certificate can be created by a Domino certificate authority, or it can be acquired from a 3rd-party certificate authority.
The filename for the key ring file is specified in the “Ports > Internet Ports” tab of the Server document. If the Domino server is configured to use Internet Sites, the filename for the key ring file is specified in the Security tab of the Web Site document(s). The default filename for the key ring file is keyfile.kyr.
1. Domino Administrator 7 Help – search on: Creating a CA key ring file and certificate
2. Administering the Domino System – Volume 2, Chapter 46 http://doc.notes.net/uafiles.nsf/docs/domino6PR2/$File/adminvol2.pdf