193 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Important Security Fix for IMAP
Sat, Apr 22nd 2017 8
NIFNSF Supported Maximum Size above 64 GB!
Fri, Apr 21st 2017 6
Disclaimer Attachment Issue not yet fixed in IF1
Fri, Apr 14th 2017 7
Get Notes FP Version in @Formulas
Wed, Apr 12th 2017 10
Notes/Domino 9.0.1 FP8 IF1 released
Tue, Apr 11th 2017 16
Current Information about NIFNSF
Fri, Mar 31st 2017 9
CREATE_R9_LOG is not a valid notes.ini parameter and does not exist!
Fri, Mar 24th 2017 8
Top 10
IBM Notes V9.0.1 Mac 64 Bit English (CN6VDEN )
Tue, Sep 29th 2015 23
Details about JVM 1.8 Update in Notes/Domino 9.0.1 FP8
Sun, Feb 5th 2017 23
Symantec Backup Exec End of Life
Sat, Dec 5th 2015 21
Solution for Notes/Domino related process is still running when applying a Fixpack or Hotfix
Wed, Mar 25th 2015 16
TLS 1.2 Connection Issues with mail.protection.outlook.COM
Thu, Jan 7th 2016 16
Notes/Domino 9.0.1 FP8 IF1 released
Tue, Apr 11th 2017 16
Notes 9.0.1 FP7 IF1 released
Thu, Dec 8th 2016 15
IBM Notes/Domino 9.0.1 Feature Pack 8 Preliminary Release Notice
Fri, Jan 27th 2017 14
Passing a document to an agent without saving it first
Sun, Apr 6th 2014 10
DAOS NLO Encryption and Decryption
Wed, May 28th 2014 10


Notes/Domino 9.0.1 FP3 - Java Console/Controller Incompatibility
Twitter Google+ Facebook LinkedIn Addthis Email Gmail Flipboard Reddit Tumblr WhatsApp StumbleUpon Yammer Evernote Delicious
Daniel Nashed    

As discussed before, it's not a good idea to completely disable SSLv3 too soon.
Notes/Domino 9.0.1 FP3 ships with a newer JVM version that completely disables SSLv3.
The Oracle team disabled SSLV3 by default but the IBM JVM team completely removed SSLv3.

The Domino server controller and Server Console are based on Java and use the SSL/TLS stack for communication.
Domino before FP3 uses SSLv3 only -- I don't want to start any theories about why ...

The newer version with FP3 and higher use TLS 1.0 only.

That means once you updated your client you cannot communicate via server controller with an older server.
And also means that you cannot communicate from an older client once you updated your server.

There is no easy work-around beside running two different clients.
Just using a different exe does not help because the main change is in the IBM JVM.
You could keep the old client binaries and clone the data directory and run the jconsole from two different directories to avoid using two different workstations.

-- Daniel


References:

http://www.ibm.com/support/docview.wss?uid=swg21695943

And information from the release notes:

9.0.1 Fix Pack 3 updates the embedded Notes/Domino JVM to 1.6 SR16 FP2 to address security vulnerabilities. This release has all of the content from the recently released POODLE and POODLE on TLS vulnerabilities in one easy to install package that includes the content from Domino 9.0.1 Fix Pack 2 Interim Fix 3 and Notes 9.0.1 Fix Pack 2 Interim Fix 4.

JVM 1.6 SR16 FP2 disabled SSLv3 and instead communicates only over TLS. If the Domino server is upgraded to 9.0.1 Fix Pack 3 (which contains JVM 1.6 SR16 FP2), the Java Console attempts to connect over SSLv3 to the JVM layer on the Domino server, which will accept only TLS connections. Applying 9.0.1 Fix Pack 3 on both the Domino server and the Java Console client will remedy the situation. For additional information, see technote 1695943 - Domino Console fails to connect to remote server after upgrading Notes or Domino to 9.0.1 Fix Pack 3



---------------------
http://blog.nashcom.de/nashcomblog.nsf/dx/notesdomino-9.0.1-fp3-java-consolecontroller-incompatibility.htm
Feb 18, 2015
7 hits



Recent Blog Posts
8
Important Security Fix for IMAP
Sat, Apr 22nd 2017 9:13a   Daniel Nashed
In case you are running IMAP on a server that is reachable over the internet you should look into this fix ASAP. It might not be that critical for internal services. See details about this vulnerability here --> http://www.ibm.com/support/docview.wss?uid=swg22002280 All versions of Domino are affected!
6
NIFNSF Supported Maximum Size above 64 GB!
Fri, Apr 21st 2017 9:02p   Daniel Nashed
After getting that question offline and having a discussion on my blog, I checked with IBM if they plan support NIFNSF sizes above 64 GB. Since it is kind of a database container and needs a database handle someone could think that the maximum limit is also 64 GB. That would give us at least 64 GB room for the NIF index -- which would be already a big improvement. But from what I recall from some comments at Connect some years ago the maximum limit was not around 64 GB when they designed it
7
Disclaimer Attachment Issue not yet fixed in IF1
Fri, Apr 14th 2017 6:28p   Daniel Nashed
As Rob Kirkland commented in one of my last blog posted, the fix in IF1 does not solve the iusse. We both checked with IBM and got the reply that the SPR just changes back the default and disables the change introduced in FP8 for Google calender integration. IBM is working on a fix hopefully makes it into FP9. So for now you should keep the notes.ini Parameter MIMEDisclaimersNoEncode=0 disabled. Thanks to Rob to bring this up! -- Daniel TPONAKFJLP After upgrade to FP8, with
10
Get Notes FP Version in @Formulas
Wed, Apr 12th 2017 6:19a   Daniel Nashed
In C-API and Lotus Script, Java developers the version information already shown for each FP. For example Lotus Script returns the full version string with session.NotesVersion. But if you want to check the version information in @Formulas @Version will still return 405. There is a new optional parameter which returns the Feature Pack version. So you use @Version to check the version and if it is 405 you check @Version(1) which will return 8 for Feature Pack 8. It is used in the new ma
16
Notes/Domino 9.0.1 FP8 IF1 released
Tue, Apr 11th 2017 5:06a   Daniel Nashed
Notes and Domino 9.0.1 FP8 IF1 has been shipped and there is also a separate fix for iNotes. All those IFs have the same version number but contain different SPRs! The most important IF is for the Domino Server. It fixes the disclaimer issue I reported before. And also the performance fix for the new feature NIFNSF which was introduced in in FP8. Be aware that NIFNSF is a server feature and not a client feature. It requires translog enabled on your server! Translog is not officially
9
Current Information about NIFNSF
Fri, Mar 31st 2017 10:42p   Daniel Nashed
Domino 9.0.1 Feature Pack 8 introduced "NIFNSF" which allows to separate the view/folder index into a separate file. Let me try to summarized my current experience from my tests and from the field. There are multiple benefits moving the index to a separate file. 1. Backup Storage Reduction First of all having the index in a separate file reduces the amount of data that you need to backup. For mail databases the index is around 10%. If you have DAOS enabled from the remaining dat
8
CREATE_R9_LOG is not a valid notes.ini parameter and does not exist!
Fri, Mar 24th 2017 8:29p   Daniel Nashed
After hearing this question twice a week I think it is time for a blog entry. There is a notes.ini parameter for the different ODS formats in different releases. The latest one you should use is Create_R9_Databases=1 to create databases with ODS 52. ODS 52 is needed for local databases which are encrypted (there was an underlying ODS issue that has been addressed in ODS 52). Also for hew new LargeSummary (16MB instead of 32KB per document) you need to be on ODS 52. But there is no ne
4
Traveler 9.0.1.17 Relased with important bug fixes
Fri, Mar 24th 2017 8:12p   Daniel Nashed
As posted before Traveler 9.0.1.16 had one issue that needed urgent attention. Push was not working when the mail-server had a short downtime. If you are on that release you should update asap. There are a couple of other fixes along with that ARPA included in 9.0.1.17. Just back from a couple of days of travel and installed it this morning. Looks good so far. APAR # Abstract LO90889 Invitee status not correct on mobile device if the invitee response is received in a non-syncing
2
D9.0.1 FP8 Attachment Corruption Issue with Disclaimers
Tue, Mar 21st 2017 3:27p   Daniel Nashed
There is an issue that has been reported about FP8. When using disclaimers attachments might be corrupted. IBM released a technote with details and is working on a fix. Feature Pack 8 contains an enhancement/fix to correctly send Google Calendar files. The fix is enabled by default and causes this corruption. You can still deploy FP8 and disable the feature/fix temporary via Notes.ini MIMEDisclaimersNoEncode=0 on your SMTP outbound server. See this SPR #TPONAKFJLP / APAR #LO91828 fo
6
Traveler on Domino 9.0.1 FP8
Tue, Mar 7th 2017 9:51p   Daniel Nashed
Domino 9.0.1 Feature Pack 8 has just shipped. If you are intending to update your Traveler Server to Domino FP8 you should be aware that you need at least Traveler 9.0.1.16 (which currently has an issue reconnecting to a mail-server if it wasn't reachable --> see previous blog posts). If you still intend to update your server there are some important requirements. FP8 comes with Java 1.8 and Traveler is using that JVM. So it some changes are needed in the Traveler code to support the




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition