fighting for truth, justice, and a kick-butt lotus notes experience.

If you want SHA-2 Support for Domino HTTP add yourself to Enhancement Request ABAI7SASE6

 August 22 2014 06:41:23 PM
"IBM Domino support has received several questions and PMRs recently regarding SHA-2 support within Domino. SHA-2 is currently supported with x.509 certificate for s/mime in the Domino environment.
At this time, the Domino kyr file does not provide native support for SHA-2 certificates for protocols such as LDAPS, HTTPS, DIIOPS, etc.

We are aware that Certificate Authorities are no longer offering SHA1 certs by default, and many browsers will soon depreciate their trust of SHA1.

For HTTP requests (on the Windows server platform), we currently recommend using the IHS proxy server, available starting with Domino 9.0:

*Link to presentation on Implementing TLS support with IBM Domino 9.x and IBM HTTP Server (IHS)
*Link to IHS reference:

At this time, the request to provide full native support for SHA-2 is currently under investigation by the Domino Development team:

Enhancement Request Number: ABAI7SASE6

Technote reference:  
APAR reference:  

If you also desire this functionality in your environment, we encourage you to open a PMR and add your company to the enhancement request . This alerts our development team to the continued interest for this feature, which is not a guarantee of a solution or fix, just an inclusion to this existing enhancement request for this feature to be considered for a future release

Please add yourself to the Enhancement Request or participate in the discussion started by Amy Knox (IBM):

Update 21.10.2014:

Check out the latest Technote: