CertMgrUtils Usecase
Daniel Nashed – 27 February 2026 01:51:54
Here is the use case I had in mind first when building the helper script lib.
A flow where my CertMgrUtils class is used.
Earlier the MicroCA was added as a trusted root.
From there the Script Lib copies the trusted root from CertStore to to names.nsf to make sure the Lotus Script NotesHTTPRequest can connect to the K8s service.
Flow
- Create a key outside Domino using OpenSSL with a password
- Add it via OTS to a setup document in an application including the password
- A setup agent uses the Lib to import the key directly from the document to certstore.nsf
- Request a MicroCA document by filling in the right fields
- Create a K8s pod which has the private key assigned to a secret
- The pod runs a Go process using the key and gets the matching certificate from CertMgr via HTTP before starting the listener
- At run-time CertMgr is queried over HTTP with SNI for a matching new certificate matching the private key
- The certificate and key is updated on the fly and the HTTP listener reloads on the fly
- Comments [0]
![[HCL Domino]](../lotus-domino.gif){kind=small}
![[Domino on Linux]](../domino-linux.gif){kind=small}
![[Nash!Com]](../nashcom.gif){kind=small}
![[Daniel Nashed]](../daniel-nsh.gif){kind=small}