198 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Our story continues.....
Tue, Dec 13th 2016 2
#employed
Tue, Nov 15th 2016 5
An iOS10 gotcha for the 16GB'ers
Thu, Sep 15th 2016 6
Missed the blog-o-versery
Tue, Aug 16th 2016 6
My updated birthday edicts! - OBEY!
Tue, Jun 28th 2016 6
With my boots on
Thu, Apr 14th 2016 5
The Curious Case Of The Configuration Document
Sun, Feb 7th 2016 5
Top 10
Does Traveler have an issue with the Domino Domain?
Fri, Jan 16th 2015 9
Migrating Traveler to HA Error
Sat, Mar 15th 2014 9
The horrors of migrating to Domino when Single Item Recovery is in use on Exchange
Mon, Mar 16th 2015 8
Andy's Guide to.......
Thu, Jan 2nd 2014 8
Andy's Guide to Connect-o-sphere 2014
Sat, Jan 4th 2014 7
An iOS10 gotcha for the 16GB'ers
Thu, Sep 15th 2016 6
Missed the blog-o-versery
Tue, Aug 16th 2016 6
My updated birthday edicts! - OBEY!
Tue, Jun 28th 2016 6
A mystery......
Wed, Dec 4th 2013 6
With my boots on
Thu, Apr 14th 2016 5


The Curious Case Of The Configuration Document
Twitter Google+ Facebook LinkedIn Addthis Email Gmail Flipboard Reddit Tumblr WhatsApp StumbleUpon Yammer Evernote Delicious
   

Wow, had to blow the dust off of the old blog here so that I could share something I learned over the weekend.  And it was a bitter lesson, indeed.

Here's the scenario:
Had to stand up a new Domino server in my domain that would allow for SMTP traffic between us and our cloud based anti-spam/malware service.  A requirement of this mail flow topology is that the connectivity between my on-prem and cloud solution must have TLS connectivity.  Okay, not a big deal, right?  Well, it didn't work out that smooth.

First, I followed Gab's steps on how to create a secure SSL certificate with Domino.  Yes, Gab is awesome for writing these steps up.  Then, I went through and followed the standards that IBM has had set for years on setting your configuration document up to allow for TLS to work.  Okay, no worries, right?  Well just like in life, things don't always work the way you want them to.  When we started testing of the mail flow, we were getting repeated messages from the vendor in the cloud that they Domino server was not allowing for a STARTTLS session.  So I opened a ticket with IBM, I opened a ticket with the vendor, I had people at work much more knowledgeable then me try to hack into the servers connection and they were able to get a STARTTLS, but nothing I did with anyone , vendor, consultant worked.  

And that's when it hit me.

I deleted the configuration document for that particular Domino server, replicated that delete around, then went back in and recreated it from scratch.  Brand new document.  Made sure all my settings were set correctly, (based on the IBM doc and a server that is already doing this in my enviroment), and then walked away from it for a while.  After a bit, I started seeing STARTTLS, (we had logging on), start flashing across my server console.  Yes Virgina, there is a STARTTLS Santa Claus!  

So, why did that work?  The simple answer is, I don't know.  It's Domino.  Domino, while it's a powerful server platform, does fall prey at times to corruption in documents.  My thought was creating a brand new server config document from the ground up may help.  In this case it did.

My word to the wise, when all else fails, go back to the basics and start over.  In this case, it paid off and we are securely communicating.




---------------------
http://macian.blogspot.com/2016/02/the-curious-case-of-configuration.html
Feb 07, 2016
6 hits



Recent Blog Posts
2
Our story continues.....
Tue, Dec 13th 2016 2:32a   Andy Donaldson
In The Next Chapter....... (the new blog)
5
#employed
Tue, Nov 15th 2016 10:46p   Andy Donaldson
It happened. Finally. I landed another position. This time, it really has nothing to do with IBM Notes/Domino being a prominent part of the position. More details later on what it is I'm doing, but I do get to stay within the IT field and utilize ALL of the skills I've gained over the past 20+ years I've been in it. I've learned a lot over these past few months. Hell, this past year. It was right around this time last year, October 29th, 2015 to be exact, that my wife Denise had the ma




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition