My new book "HCL Domino Certificates Key Rollover" is now available as a printed copy at Amazon and as a PDF at copecart.com.
This book is very detailed and equipped with many screenshots. This should also enable administrators who are not so familiar with certificate management to implement a key rollover in their Domino environment without errors.
Anyone who has been operating a Notes/Domino environment for a long time started "back then" with small key lengths in the certifiers as well as server and user IDs (630 bits), which are now considered insecure and should be replaced as soon as possible. Secure keys have a length of 2048 - 4096 bits.