SSL and Domino (or how to waste an afternoon!)

This technote was invaluable today. Today, I had to add self-signed SSL to a domino server. This 30-step odd process was the clearest technote on how to actually enable SSL and add *any* sort of certificate.


I'm not kidding when I say it still took three hours, and four attempts to get right. Okay, aside from me being a developer, and it being Friday afternoon (and I can *smell* the Caledonian 80-shilling on tap from the bottom of the garden), it still requires using Certificate Authority (the 'CA' process), AdminP, creating random databases, and copying server keyring files to the server hard drive. Sacrificing the odd chicken helps, as does screaming AAAAAUUUGGGGGH at the moon when I got to the end and I'd misspelt the domain.


Please, can someone please tell me why it has to be so bad? Can someone acually justify designing a process this horrible?



At the end of this process, as I'm too tight to pay for a proper keyring from Verisign or someone else (Who's the cheapest, BTW?), the users STILL get prompted and warned not to use the SSL key. Is it worth it ?


And you'd think by 8.x that we'd have a wee page on the admin client that said 'create me an SSL keyring, for ALL my domains and install it for me please'.. ? Instead of tramping through this nightmare process for EACH domain..


The pub is now calling..