IBM Verse: Creating a Credential Store for a Domino Cluster with Examples

Credential Store is a requirement for Verse 1.0.2 or higher.

In documentation is not clear how to configure credential store for a cluster.

Setting up credential store includes the following tasks:


 * create the document encryption key in the Domino server ID file.
 * create a local file that contains the key.
 * create credstore command to create the credential store application and to assign the document encryption key.
 * copy the exported key file to notesdata directory of the other server using operating system.
 * import the document encryption key from the file, you created into the ID file of others server in Domino cluster.

= Procedure =

1) At the Domino console for the first Domino server in the cluster.

Example: In Domino console of ServerA/Organization

> keymgmt create nek credstore > keymgmt create credstore credstore > keymgmt export nek credstore mycredstore_20180516.key

Take note of the displayed fingerprint for the key, and make sure you see the message: NEK credstorekey created successfully.

2) At the server console of the other Domino server in the cluster

Example: In Domino console of ServerB/Organization

> keymgmt import nek mycredstore_20180516.key

Make sure the displayed fingerprint matches the one you made note of in the previous steps, and make sure you see the message: NEK credstorekey imported successfully.

3) Replicate \IBM_CredStore\credstore.nsf to the other servers

Using Domino Administrator to create a replica of IBM_CredStore\credstore.nsf, to other servers on Domino cluster.

4) Restart the servers