Let's Encrypt in Domino Environments
From time to time we have to implement or update a certificate on our Domino and/or Traveler servers. Let's encrypt enables us to get those certificates for free without any charge (Expiration time: 90 days). The first step is to receive those certificates. Depending on your operation system you have to install one of the several clients. We use the certbot-auto client.
The way to install that client is well documented and there is no need to be explained here. After that you need to create your certificate. Here are the steps on how to create and convert them into a domino environment.
- Create Certificate
- Execute necessary command
- Create necessary file in your domino environment
- Let's encrypt will check for this file
- Certificates will be generated
- Migrate certificates to Domino
- Create single certificate file
- Download kyrtool from IBM
- Use kyrtool to create a Domino KYR-file
- Import all data into newly created KYR-file
- Install new certifcate in Domino
In the next article we will explain how to create Let's Encrypt certificates. And in the last article we will explain how to migrate them to domino.
Where Do I Find NOTES.INI On My Mac
If you try to find the notes.ini file on your Mac you will not find one. All application specific properties will be stored in a file called
"Notes Preferences"
in each users home directory. If your user eg is called Keith then navigate to
/Users/Keith/Library/Preferences/
here you will find the file Notes Preferences which includes the same information and syntax as the notes.ini file.
Ubuntu Kernel patched: solved bindsock issue on Domino servers
If you run a Domino, Sametime or Traveler server on Ubuntu than you might have recognized an issue during the last kernel releases that prevented to start http, ldap or any other task running a port smaller than 1024.
The Ubuntu kernel team solved that issue by implementing a workaround in the kernel because the main issue seems to be in bindsock library on domino side. Now we could run the up to date kernel release on Domino servers again.
Hopefully this workaround will not be removed in later kernel versions (again).
If you want to be informed follow:
Passworddecoder for WAS-Passwords
We frequently have the same problem on customer sides that we find WAS-installation (WebSphere Portal, IBM Connections, Sametime etc) and nobody remembers the passwords used for internal/ machine users.
If you look into config files you will find only the encrypted passwords.
Because of this you can decrypt your password using one of three methods.
- You can just search the web
- You can execute a long commandline on your server.
Examples for this with WAS Version 8
../java/bin/java -Djava.ext.dirs=/opt/WebSphere/AppServer/deploytool/itp/plugins/com.ibm.websphere.v8_1.0.201.v20111031_1843/wasJars/ -cp securityimpl.jar:iwsorb.jar com.ibm.ws.security.util.PasswordDecoder {xor}HQkdb2Y=
encoded password == "{xor}HQkdb2Y=", decoded password == "BVB09"
Same for version 7
WAS Version 7
../java/bin/java -Djava.ext.dirs=/app/websphere/appserver/deploytool/itp/plugins/com.ibm.websphere.v7_7.0.3.v20110824_2356/wasJars/ -cp securityimpl.jar:iwsorb.jar com.ibm.ws.security.util.PasswordDecoder {xor}HQkdb2Y=
encoded password == "{xor}HQkdb2Y=", decoded password == "BVB09"
The most diffcult thing for us is to remember the command and the syntax to execute. Well, we wrote a scipt.
Feel free to copy it to your homedirectory and execute it (at your own risk). The script will check for the correct path and gives you the decrypted password on the command line.
Download here......
IBM Notes installation on Ubuntu 12.10 and 12.04 LTS
If you want to use the current LTS release 12.04 or the current release 12.10 it is highly recommended to use the 32-bit version of the operating system even if you have more than 4Gb of RAM installed on your pc.
If you really need to install a 64bit version of Ubuntu use the installation script from Mat Newman (very helpfull, Mat. Thanx for sharing it).
If you decided to use the 12.04 LTS version you should now use the ubuntu software center to install a different kernel. Best choice is a so called PAE-Kernel, which means that you still run a 32-bit operating system which aftwerwards will be able to use 36-bit of memory, which means up to 64Gb of Ram. This might be enough for your laptop ;-).
If you installed 12.10 there is no need to install a different kernel because the generic kernel already has enabled the PAE-feature.
The next step is just for 12.04 users.
After installing the new kernel and rebooting your machine check whether you have the right kernel up and running by typing to a shell
uname -r
which results in something like this:
On 12.10 you will just get something like
which is perfectly good enough for us.
After that you have to install some ubuntu libraries to meet all dependencies of IBM Notes. Do a
sudo apt-get install libgnomeprint2.2-0 libgnomeprintui2.2-0 libgnome2-0 libgnomeui-0 libgconf2-4 libgnome-desktop-2-17 libjpeg62 libxss1 ttf-xfree86-nonfree
That's it. After that you can start to install IBM Notes. Switch to the directory where the instalation files are located (eg a network device mounted at /media/install) and start the installation of IBM Notes there by typing
sudo ./smartupgrade.sh
This will install the current version of IBM Notes 9. After finishing the Installation start IBM Notes the first time to configure it correctly.
All components that are shiped will be installed. There is no realy need to install additional libraries to be able to work with IBM Notes on a 32-bit Version of Ubuntu Desktop.
After that, enjoy your IBM Notes client on Ubuntu.
And your PC has a lot of available memory.
If you want to see this as a video have a look at
Any questions or any feedback to this article? Use the button in the right panel to contact us.