361 Lotus blogs updated hourly. Who will post next? Home | Downloads | Events | Pods | Blogs | Search | myPL | About 
 
Latest 7 Posts
Simplified explanation and steps for upgrading to SHA-2 encrypted SSL certificates for Domino
Mon, Nov 10th 2014 221
Warning: IBMs Interim Fix adding TLS 1.0 to Domino can break connections from Python and some other scripting clients
Tue, Nov 4th 2014 514
Patch for the SSL v3 POODLE exploit has escaped IBM and can now be downloaded. You REALLY need this patch
Tue, Nov 4th 2014 491
Automatic Spam Report to Provider Agent
Wed, Oct 29th 2014 194
Quick update on the Domino SSL v3 "POODLE" , TLS, and SHA-2 issues -- Good news
Tue, Oct 21st 2014 373
Summary Recommendation for dealing with the POODLE SSLv3 Vulnerability on Domino servers
Thu, Oct 16th 2014 484
Speaking tonight ath the ICU One (aka NE Notes Users Group)
Tue, Oct 14th 2014 67
Top 10
Warning: IBMs Interim Fix adding TLS 1.0 to Domino can break connections from Python and some other scripting clients
Tue, Nov 4th 2014 514
Patch for the SSL v3 POODLE exploit has escaped IBM and can now be downloaded. You REALLY need this patch
Tue, Nov 4th 2014 491
Summary Recommendation for dealing with the POODLE SSLv3 Vulnerability on Domino servers
Thu, Oct 16th 2014 484
Quick update on the Domino SSL v3 "POODLE" , TLS, and SHA-2 issues -- Good news
Tue, Oct 21st 2014 373
Simplified explanation and steps for upgrading to SHA-2 encrypted SSL certificates for Domino
Mon, Nov 10th 2014 221
Automatic Spam Report to Provider Agent
Wed, Oct 29th 2014 194
Are you using a Surface Pro 2 or another Windows 8.1 Tablet? Want to use Traveler on the touch screen? It works!
Mon, Feb 3rd 2014 121
IBM Domino Servers STILL don't support SSL SHA-2 Certificates - and about to be a PROBLEM
Wed, Sep 17th 2014 87
Changing what I do at the Fire Department
Sun, Feb 9th 2014 69
Speaking tonight ath the ICU One (aka NE Notes Users Group)
Tue, Oct 14th 2014 67


The usefulness and utility of Notes browser plug-in - promised for 8.5.4 around the end of 2012
   

Sorry for the long time between posts. I've been working on things most of you wouldn't be interested in, and with other social media outlets better suited to the day to day trivialities, I've wanted to keep this blog for things less quotidian. I've also been spending almost no time keeping up with what we call the "Yellowverse". I keep half an eye out through friends in the community but mostly I rely on them to tip me when something really interesting is happening. I'm happier staying out of the rest of t.....

---------------------
http://www.thenorth.com/apblog4.nsf/0/4920085342BDD190852579DF004D5DC5
Apr 13, 2012
22 hits



Recent Blog Posts
221


Simplified explanation and steps for upgrading to SHA-2 encrypted SSL certificates for Domino
Mon, Nov 10th 2014 2:40p   Andrew Pollack
I went through the process to understand what IBM is saying in their patch information -- and while it's valid, it's also harder than it needs to be (IMCO) for people already used to doing things the Domino way. If you're already familiar with using the server certification database to create the keyring and make the certificate request certificate (CSR) you can keep using it. This is also helpful if you already have a SHA1 based certificate and you just want to re-issue. Note: This resolves [read] Keywords: domino ibm database server
514


Warning: IBMs Interim Fix adding TLS 1.0 to Domino can break connections from Python and some other scripting clients
Tue, Nov 4th 2014 5:06p   Andrew Pollack
Here's a bit of joy to add to your day. Once your server can speak TLS 1.0 to help secure you from POODLE attacks, any code making connections to your server over HTTPS that use the utilities wget, curl and most importanly Python (and others, apparently) may break. The issue is that these tools are built using a version of openSSL that will try to connect using TLS 1.2 first -- and when that fails, the connection gets dropped. I've seen reports of this in Ruby as well, but I've verified that [read] Keywords: connections domino python server
491


Patch for the SSL v3 POODLE exploit has escaped IBM and can now be downloaded. You REALLY need this patch
Tue, Nov 4th 2014 5:00a   Andrew Pollack
If you do not apply this patch, you are going to start having users unable to connect using SSL to your Domino servers. Vendors and customer sites are starting to release operating system and browser patch that block access to sites using only SSLv3 without TLS. Until this morning, that meant all Domino servers not using a reverse proxy front end of some kind. This patch adds TLS 1.0 to Domino versions 8.51, 8.52, 8.53, 9.0, and 9.01 in all the various platforms. TLS 1.0 is a fairly old version [read] Keywords: domino ibm
194


Automatic Spam Report to Provider Agent
Wed, Oct 29th 2014 7:39a   Andrew Pollack
This morning Andy Donaldson was asking on FB for code that turned a spam email into an EML attachment for reporting to anti-spam providers. I wrote this a while back for exactly that purpose. Rather than an attachment, this just creates an email to the anti-spam provider that contains the original spam message including all of it's header information and encoded mime. Essentially, if you took the body of what I'm sending and saved it as a text document with a .EML extension it would be the sam [read] Keywords: agent lotus email
373


Quick update on the Domino SSL v3 "POODLE" , TLS, and SHA-2 issues -- Good news
Tue, Oct 21st 2014 9:22a   Andrew Pollack
I've been more than a little sidetracked on some family things for the last week, but my good friend Gab Davis forwarded me these two links today that should address these critical issues. They're long overdue already, and will be another couple of weeks, but let's be glad to be getting them. TLS Support in a fixpack for 8.5.1, 8.5.2, 8.5.3, 9.0, and 9.0.1 within a "couple of weeks"http://www-01.ibm.com/support/docview.wss?uid=swg21687167 And http://www-01.ibm.com/support/docview.wss?uid=sw [read] Keywords: domino ibm
484


Summary Recommendation for dealing with the POODLE SSLv3 Vulnerability on Domino servers
Thu, Oct 16th 2014 9:43a   Andrew Pollack
Rather than repeat what everyone else is writing about POODLE today, I want to give Domino server administrators a few quick items as it relates to them. In Brief -- and based on what I've been able to quickly learn: IS Domino affected? Yes. All Domino servers that are accepting direct HTTPS connections are impacted. THIS MEANS ALL TRAVELER SERVERS AS WELL. What is the risk to my server or data? The most immediate risk is access to user data and user impersonation. POODLE is the type of attack [read] Keywords: connections domino traveler server
67


Speaking tonight ath the ICU One (aka NE Notes Users Group)
Tue, Oct 14th 2014 6:13a   Andrew Pollack
For my Boston area friends in the Notes and Domino community, I'm speaking tonight at the ICU One (aka NE Notes Users Group) meeting in Cambridge. Come say hi. https://www.socialbizug.org/communities/service/html/communityview?communityUuid=784f8e78-2f09-4ae8-b2f5-324faed6413f#fullpageWidgetId=W2ffed7cac839_4390_981d_b7491ef25438&eventInstUuid=c8a488ce-e4b2-410a-b192-36254d01d6b2..... [read] Keywords: domino notes community




54


Presentations from AdminCamp 2014
Thu, Oct 9th 2014 7:03p   Andrew Pollack
These are the presentations I gave at AdminCamp 2014 Extreme Domino HTTP Configuration The HTTP task is more powerful and complex than it looks. We`ll go through the configuration and show you how to make your server respond just the way you want. We`ll talk about virtual web sites, multi-homing, URL redirection, headers, and path substitution. Learn how you can use more than one SSL certificate on the same server. Domino Server & Application Performance in the Real World When it comes to pe [read] Keywords: domino application server
87


IBM Domino Servers STILL don't support SSL SHA-2 Certificates - and about to be a PROBLEM
Wed, Sep 17th 2014 9:20a   Andrew Pollack
I haven't blogged about anything, much less an IBM Domino issue in quite some time, but as Mooney pointed out today, this one is moving quickly toward being critical. Read the article, then call your IBM sales rep and start demanding they update to include SHA-2 SSL support immediately. The only people who can get this done, are big IBM Domino customers. Since this doesn't have a direct net positive effect on EPS (Earnings Per Share) for 2016, nothing is going to get done on it as long as they [read] Keywords: domino ibm lotus
69


Changing what I do at the Fire Department
Sun, Feb 9th 2014 9:40a   Andrew Pollack
So, here’s a bit of a change. A couple of weeks ago I let the chief know that it was time for me to step down as the Lieutenant of our Engine 1. Once a replacement is chosen, I’ll still be a firefighter but won’t be an officer any longer. There are a number of reasons for this, but the best explanation I can give is that it is time to let someone else grow into that role and make their own contribution, while at the same time I’ve got plenty of other things going on that keep me from put [read] Keywords:




Created and Maintained by Yancy Lent - About - Blog Submission - Suggestions - Change Log - Blog Widget - Advertising - Mobile Edition