How to ensure that your Domino HTTP usernames and passwords are secured during log in. Normal Domino logins are passed via clear text and can be easily captured by sniffers sitting outside of your firewall. This helps to encrypt those logins.
There are 8 steps that I use to ensure that Domino HTTP passwords are encrypted:
1. Enable Session Authentication on the Internet Protocols, Domino Web Engine section of the server document.
2. Follow the instructions in the Domino Administration help to configure and enable SSL.
3. Create a database with a special login form in it. A sample database can be found at
Under the Popular downloads, choose the Domino Custom Login Forms database.
4. Upload this database to the data directory on your server with the name DCLF.nsf (can be any name but will use this for example)
5. In the database properties of any database you are publishing via Domino, set the Web Access: Require SSL Connection to yes.
6. Customize one of the forms in DCLF.nsf to your companies colours, logos, etc.
7. Create a Domino Configuration Database named domcfg.nsf (must be in the root). In that database, create a mapping to a custom login form. Point to the DCLF.nsf and form that you set up in steps 3 and 4.
8. Recycle the HTTP service >tell http restart
You will notice that when you go to login, you are presented the form in DCLF.nsf that you modified earlier, you will also notice that SSL has been activiated on your browser. When you login, your User Name and password are now passed to the server under SSL.