是否可以以编程方式告诉Lotus Notes生成新的密钥? [英] Is it possible to programmatically tell Lotus Notes to generate a new secret key?
问题描述
我正在寻找一种方法,以编程方式告诉Notes生成密钥(例如,文件,安全性,用户安全性,Notes数据,文档).有这样的吗?看来并非如此.
I'm looking for a means to programmatically tell Notes to generate a secret key (like File, Security, User Security, Notes Data, Documents). Is there such? It does not appear so.
目标是能够拥有一个模板,该模板可以自动提供该应用程序运行所需的所有秘密密钥.
The goal is to be able to have a template that auto-provisions all of the secret keys necessary for that application to operate.
推荐答案
正如Richard提到的那样,没有直接的方法可以完全自动化,但是您可以自动化其中的一些.
As Richard mentions there is no direct way to fully automate this, but you can automate some of it.
在Domino 9中,可以通过Domino控制台创建秘密密钥.因此,您将执行以下操作.
In Domino 9 it is possible to create secret keys via the Domino console. So you would do something like the following.
keymgmt create nek SECRETKEY
keymgmt export nek SECRETKEY FILENAME PASSWORD
keymgmt delete nek SECRETKEY
这将创建FILENAME的.key文件.然后,您可以将此文件邮寄给最终用户.但是,最终用户将需要分离密钥文件并将其手动导入到笔记中.他们还需要知道要导入的密码.
This will create a .key file of FILENAME. You can then mail this file to the end user. However the end user would need to detach the key file and manually import it into notes. They will also need to know the password to import.
对此进行扩展.您可以执行以下操作.
To expand on this. You could do the following.
- 按照上面的命令在服务器上创建您的初始密钥.
- 创建一个使用随机生成的密码执行导出的代理.
- 同一代理将密钥文件邮寄,并附有安装说明.
- 同一座席发送第二封电子邮件,其中包含随机生成的密码.
这不会阻止最终用户将密钥/密码转发给未经授权使用数据库的人(这是IDK阻止的),但是您可以通过这种方式进行某种程度的审核.
It won't stop the end user from forwarding on the key/password to someone not authorised to use the database (which is what an IDK prevents), but you could have some level of auditing this way.
这篇关于是否可以以编程方式告诉Lotus Notes生成新的密钥?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
