Domino 8 and key rollover, don’t do it just yet
Tags :notes8beta CA
CA key rollover not recommended in large organizations In Domino 8, administrators can assign a new set of public and private keys to a Domino certificate authority (CA), which are used to certify the keys of OUs, users and servers in that organization. The process of assigning new keys is known as key roll over, and is documented in the Domino Administration Help topic "Certificate authority key rollover."
The CA key rollover feature has not been tested in Domino customer deployments, so its use is currently not recommended in these environments. Organizations that want to become familiar with the feature are encouraged to use the feature to roll over the keys of a test CA, and then test users in their environment.
We are testing this on a test domain and found some oddities in who got updates and who did not, plus the variance in Lotus Notes client versions plays into it.
blog comments powered by Disqus
On Friday, July 6th, 2007 by Chris Miller