As is the case when working with certificate keystones (e.g. Tomcat), you need to make sure that when importing your SSL certificates to your Lotus Domino Server that the files are imported to the same key ring as was used when creating your CSR. If that key ring is lost, you will need to create a new key ring & CSR and request a reissue before proceeding with the installation
Your certificates will need to be installed to the key ring in the exact order described below.
1. In the Domino Server Certificate Administration, choose the option to "Install Trusted Root Certificate into Key Ring."
2. Enter the file name that you selected when creating your CSR, then go ahead and import your Trusted Root Certificate. You may see a message that your root certificate is already installed. If this is the case, just proceed.
3. Once again, choose the option to "Install Trusted Root Certificate into Key Ring". You should now install your Intermediate Certificate files.
4. For the next step, select the option to "Install Certificate into Key Ringâ€•. Enter the name of the key ring and then import your Primary Certificate (your_domain_name.crt) file.
Your certificate is now installed and ready to use on your Lotus Domino Server.