358 Lotus blogs updated hourly. Who will post next? Home | Downloads | Events | Pods | Blogs | Search | myPL | About 
 
Latest 7 Posts
Looking for a few people who want to beta test my new SSL Certificate Request tool.
Thu, Dec 4th 2014 222
Well, it's official. IBM ConnectedED does not feel my contribution is worth the session time.
Mon, Dec 1st 2014 436
First look at a new free Domino SSL certificate tool
Mon, Dec 1st 2014 345
Simplified explanation and steps for upgrading to SHA-2 encrypted SSL certificates for Domino
Mon, Nov 10th 2014 287
Warning: IBMs Interim Fix adding TLS 1.0 to Domino can break connections from Python and some other scripting clients
Tue, Nov 4th 2014 599
Patch for the SSL v3 POODLE exploit has escaped IBM and can now be downloaded. You REALLY need this patch
Tue, Nov 4th 2014 559
Automatic Spam Report to Provider Agent
Wed, Oct 29th 2014 254
Top 10
Warning: IBMs Interim Fix adding TLS 1.0 to Domino can break connections from Python and some other scripting clients
Tue, Nov 4th 2014 599
Summary Recommendation for dealing with the POODLE SSLv3 Vulnerability on Domino servers
Thu, Oct 16th 2014 578
Patch for the SSL v3 POODLE exploit has escaped IBM and can now be downloaded. You REALLY need this patch
Tue, Nov 4th 2014 559
Well, it's official. IBM ConnectedED does not feel my contribution is worth the session time.
Mon, Dec 1st 2014 436
Quick update on the Domino SSL v3 "POODLE" , TLS, and SHA-2 issues -- Good news
Tue, Oct 21st 2014 427
First look at a new free Domino SSL certificate tool
Mon, Dec 1st 2014 345
Simplified explanation and steps for upgrading to SHA-2 encrypted SSL certificates for Domino
Mon, Nov 10th 2014 287
Automatic Spam Report to Provider Agent
Wed, Oct 29th 2014 254
Looking for a few people who want to beta test my new SSL Certificate Request tool.
Thu, Dec 4th 2014 222
Are you using a Surface Pro 2 or another Windows 8.1 Tablet? Want to use Traveler on the touch screen? It works!
Mon, Feb 3rd 2014 184


The usefulness and utility of Notes browser plug-in - promised for 8.5.4 around the end of 2012
   

Sorry for the long time between posts. I've been working on things most of you wouldn't be interested in, and with other social media outlets better suited to the day to day trivialities, I've wanted to keep this blog for things less quotidian. I've also been spending almost no time keeping up with what we call the "Yellowverse". I keep half an eye out through friends in the community but mostly I rely on them to tip me when something really interesting is happening. I'm happier staying out of the rest of t.....

---------------------
http://www.thenorth.com/apblog4.nsf/0/4920085342BDD190852579DF004D5DC5
Apr 13, 2012
45 hits



Recent Blog Posts
222


Looking for a few people who want to beta test my new SSL Certificate Request tool.
Thu, Dec 4th 2014 11:53a   Andrew Pollack
I plan to open source this tool once I've done just a little more testing with other people. Drop me an email if you're interested. I'm looking for around 5 people who have the time, know how to deal with SSL stuff already, and already have the Notes 9.x admin client on their machines. The idea behind open sourcing for me, is that I've created the functional tool, and there's a lot of room for making it nicer looking and adding other kinds of functionality. For example, this tool allows you [read] Keywords: admin domino notes email
436


Well, it's official. IBM ConnectedED does not feel my contribution is worth the session time.
Mon, Dec 1st 2014 3:39p   Andrew Pollack
I know I'm in good company, and I don't deserve a session slot any more than anyone else -- but I'd be lying if I didn't admit to being a bit frustrated and disappointed. For now, I'll hold my tongue about the decision process, wish the best of luck to those who will be speaking, hope the people attending find the content helpful, and say that if you want the content I've been delivering you'll have to come to some of the user groups or to Rudi's "Admin / Developer Camp" conferences... [read] Keywords: admin domino ibm
345


First look at a new free Domino SSL certificate tool
Mon, Dec 1st 2014 3:30p   Andrew Pollack
I've coded something that I plan to release to the community if there is enough interest. It's designed to make the process of getting SHA2 certificates a little easier. I've had to request a fair number of these recently and the command line stuff is tedious and it's easy to make mistakes or misplace the various files. This tool uses the same steps as the process IBM documents and the same tools. You still have to install openSSL and the kyrtool update on your 9.x Admin client machine. The [read] Keywords: admin domino ibm community
287


Simplified explanation and steps for upgrading to SHA-2 encrypted SSL certificates for Domino
Mon, Nov 10th 2014 2:40p   Andrew Pollack
I went through the process to understand what IBM is saying in their patch information -- and while it's valid, it's also harder than it needs to be (IMCO) for people already used to doing things the Domino way. If you're already familiar with using the server certification database to create the keyring and make the certificate request certificate (CSR) you can keep using it. This is also helpful if you already have a SHA1 based certificate and you just want to re-issue. Note: This resolves [read] Keywords: domino ibm database server
599


Warning: IBMs Interim Fix adding TLS 1.0 to Domino can break connections from Python and some other scripting clients
Tue, Nov 4th 2014 5:06p   Andrew Pollack
Here's a bit of joy to add to your day. Once your server can speak TLS 1.0 to help secure you from POODLE attacks, any code making connections to your server over HTTPS that use the utilities wget, curl and most importanly Python (and others, apparently) may break. The issue is that these tools are built using a version of openSSL that will try to connect using TLS 1.2 first -- and when that fails, the connection gets dropped. I've seen reports of this in Ruby as well, but I've verified that [read] Keywords: connections domino python server
559


Patch for the SSL v3 POODLE exploit has escaped IBM and can now be downloaded. You REALLY need this patch
Tue, Nov 4th 2014 5:00a   Andrew Pollack
If you do not apply this patch, you are going to start having users unable to connect using SSL to your Domino servers. Vendors and customer sites are starting to release operating system and browser patch that block access to sites using only SSLv3 without TLS. Until this morning, that meant all Domino servers not using a reverse proxy front end of some kind. This patch adds TLS 1.0 to Domino versions 8.51, 8.52, 8.53, 9.0, and 9.01 in all the various platforms. TLS 1.0 is a fairly old version [read] Keywords: domino ibm
254


Automatic Spam Report to Provider Agent
Wed, Oct 29th 2014 7:39a   Andrew Pollack
This morning Andy Donaldson was asking on FB for code that turned a spam email into an EML attachment for reporting to anti-spam providers. I wrote this a while back for exactly that purpose. Rather than an attachment, this just creates an email to the anti-spam provider that contains the original spam message including all of it's header information and encoded mime. Essentially, if you took the body of what I'm sending and saved it as a text document with a .EML extension it would be the sam [read] Keywords: agent lotus email
427


Quick update on the Domino SSL v3 "POODLE" , TLS, and SHA-2 issues -- Good news
Tue, Oct 21st 2014 9:22a   Andrew Pollack
I've been more than a little sidetracked on some family things for the last week, but my good friend Gab Davis forwarded me these two links today that should address these critical issues. They're long overdue already, and will be another couple of weeks, but let's be glad to be getting them. TLS Support in a fixpack for 8.5.1, 8.5.2, 8.5.3, 9.0, and 9.0.1 within a "couple of weeks"http://www-01.ibm.com/support/docview.wss?uid=swg21687167 And http://www-01.ibm.com/support/docview.wss?uid=sw [read] Keywords: domino ibm




578


Summary Recommendation for dealing with the POODLE SSLv3 Vulnerability on Domino servers
Thu, Oct 16th 2014 9:43a   Andrew Pollack
Rather than repeat what everyone else is writing about POODLE today, I want to give Domino server administrators a few quick items as it relates to them. In Brief -- and based on what I've been able to quickly learn: IS Domino affected? Yes. All Domino servers that are accepting direct HTTPS connections are impacted. THIS MEANS ALL TRAVELER SERVERS AS WELL. What is the risk to my server or data? The most immediate risk is access to user data and user impersonation. POODLE is the type of attack [read] Keywords: connections domino traveler server
114


Speaking tonight ath the ICU One (aka NE Notes Users Group)
Tue, Oct 14th 2014 6:13a   Andrew Pollack
For my Boston area friends in the Notes and Domino community, I'm speaking tonight at the ICU One (aka NE Notes Users Group) meeting in Cambridge. Come say hi. https://www.socialbizug.org/communities/service/html/communityview?communityUuid=784f8e78-2f09-4ae8-b2f5-324faed6413f#fullpageWidgetId=W2ffed7cac839_4390_981d_b7491ef25438&eventInstUuid=c8a488ce-e4b2-410a-b192-36254d01d6b2..... [read] Keywords: domino notes community




Created and Maintained by Yancy Lent - About - Blog Submission - Suggestions - Change Log - Blog Widget - Advertising - Mobile Edition