CertMgr_Proxy – Outbound Proxy for CertMgr (HCL Domino)

Parameter: CertMgr_Proxy

Short description: Defines the proxy that the Certificate Manager uses for all outbound connections (e.g. to the ACME CA). For authenticated proxies an account document in the configuration database should be used instead.

Profile

Parameter	`CertMgr_Proxy`
Category	Security / TLS (Certificate Manager)
Available since	At least 12.0 (HCL documentation)
GUI equivalent	notes.ini only — no command-line equivalent. For authenticated proxies: account document in the configuration database.
Possible values	Proxy URL: HTTP `http://host:port` or SOCKS `socks://host:port`
Default	None (no proxy)

Description

According to the HCL product documentation:

Default: None — Example values: http://proxy.acme.com:8080 socks://socks.acme.com:1080 — Command-line equivalent: None — Description: Defines the proxy to use for all communication. This parameter is intended for automation. For standard use cases, use an account document in the configuration database, which also supports authenticated proxy connections.

CertMgr_Proxy defines a proxy server that the Certificate Manager uses for all outbound connections — typical use cases are ACME calls to Let's Encrypt, OCSP validations, or calls to external Certificate Authorities. The parameter is explicitly intended for automation scenarios.

For standard use cases — especially when the proxy requires authentication — HCL recommends configuration via an account document in the configuration database instead, which also supports authenticated proxy connections.

Example configuration


CertMgr_Proxy=http://proxy.acme.com:8080


CertMgr_Proxy=socks://socks.acme.com:1080

Notes & pitfalls

CertMgr exists since HCL Domino 12 — on older versions (≤ 11.x) the parameter has no effect.

Supported schemes: http:// and socks://.

No CLI equivalent — takes effect only via notes.ini.

For authenticated proxies (user/password), CertMgr_Proxy is not suitable — use the account document instead.

Applies to all CertMgr outbound connections, including health checks and URL validations.

Sources (HCL Product Documentation)

HCL Domino 14.5.1 – CertMgr_Proxy: help.hcl-software.com/domino/14.5.1/admin/secu_le_CertMgr_Proxy.html

HCL Domino 14.5.1 – CertMgr notes.ini settings (overview): help.hcl-software.com/domino/14.5.1/admin/secu_le_notesini_settings.html