Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Please Help!  Cross Certificate Errors in Lotus Notes

Posted on 2008-10-17
11
Medium Priority
?
1,525 Views
Last Modified: 2013-12-18
Hi lnotes experts (I so appreciate you assistance)!

I designed a small db for my husband's company who is on 6.5.2 (upgrading to 8.0 soon).  We have had no problems until now replacing the design when they asked for more features or if we needed to fix something.  We would replace design and all was good (no error, no new certificates, etc.).

This last time we went to replace design and we keep getting "Invalid Cross Certificate was found for /(mycompany name).  This could be a possible attack, please notify your administrator.  Select 'Yes' to keep the current existing Cross Certificate.

Please help!  I don't want cross certificates or errors to keep popping up for the users.  The only thing different between the last update and this one is that I had to reinstall domino on my machine, but I set it up exactly the same.
0
Comment
Question by:onederwomyn
11 Comments
 
LVL 22

Expert Comment

by:mbonaci
ID: 22741179
If that would work like you mentioned then I could install server e.g. LOTUS/IBM and register myself as administrator and hack into the real IBM domain.

When you installed the new server it got the different security key.
You should now uninstall your new server at home and install the new one, as existing server and use the cert.id from your husband's company.

Hope this helps,
Mb¤
0
 

Author Comment

by:onederwomyn
ID: 22741243
I don't have a domino server.  I just program and test out of designer.  I don't run agents -- the only thing it does is simple emailing and I can tell if that is working without the server.  So, I am not sure how it gets its security key without the server.
0
 
LVL 22

Expert Comment

by:mbonaci
ID: 22741582
How do you mean you don't have server, you said this:
"The only thing different between the last update and this one is that I had to reinstall domino on my machine, but I set it up exactly the same."

Domino = server

What have you installed (new) then?
Have you used your old ID file or you created a new one?
What else is different?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 22

Expert Comment

by:mbonaci
ID: 22741661
You can try this as an emergency fix:
Before replacing design in the husband's company, with the templates you brought from home, first create copy of the template using Notes client and use it to replace design.

Hope this helps,
mb¤
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 22741788
1) As mentioned, you should be using the same ID file to sign the design template

2) Make sure that no changes were done on the server regarding policies for security of templates.

3) Check the ECM settings on the users having issues, and see if you  are listed as a trusted user, if not sign the template with a user who is already trusted by everybody.


I hope this helps !
0
 

Author Comment

by:onederwomyn
ID: 22741797
My apologies, I meant domino designer, not just domino!  I have on my workstation, domino designer and lotus notes mail client.  

Your last solution I had read somewhere else as well and I am going to try it.  I have my fingers crossed it works.
0
 

Author Comment

by:onederwomyn
ID: 22741929
How do you sign a template?  I know it sounds stupid, but I thought it just automatically signs it with the name of the person who created it.

Also, does anyone know of step by step documents that I can give his IT area as to how to sign it so that people stop getting cross certificates?  Ugh.  I have encountered this stuff previously, because I developed for the company that it was used in.  I am no longer at that job and doing part time development for a company I do not work at.  I don't have an ID file there and am not set up on their server.
0
 

Author Comment

by:onederwomyn
ID: 22741932
One last thing -- how can I tell what the name of the id file was that signed their current production version?
0
 
LVL 22

Expert Comment

by:mbonaci
ID: 22742141
Open db in designer, locate the design element you last edited, properties, field $UpdatedBy - last entry.
0
 
LVL 20

Accepted Solution

by:
brwwiggins earned 2000 total points
ID: 22742785
You can sign the template using the admin client. Go to the Files tab then expand database on the right and click on sign..
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 22757378
I suppose this is what happened:
- you installed 1, 2, or all clients (Notes, Designer and Admin) on your PC
- you generated an id yourself (say for One Derwoman/HomePC ;-))
- you cross-certified that id on the server of the company
- PC CRASH or whatever, time to reinstall
- you installed 1, 2, or all clients (Notes, Designer and Admin) on your PC
- you generated an id yourself (say for One Derwoman/HomePC ;-))
- you cross-certified that id on the server of the company

And now you think that the first One Derwoman/HomePC is exactly the same as the second One Derwoman/HomePC?? Wrong! Exactly as Marko saidin his first post: that would enable anybody to assume someone else's identity. So, both ids are NOT identical, hence the load of errormessages you get.

Two solutions:
- get your original id-file and see if it still works on your installation; if it does, resign all elements in your database with the old id and redo the installation of thze application on the company's server
- if you do no longer have the original id, make a copy of the current one and put it in a safe place; then repeat the original cross-certification procedure, so your current id will get cross-certified.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For users on the Lotus Notes 8 Standard client, this article provides information on checking the Java Heap size and adjusting it to half of your system RAM in attempt to get the Lotus Notes 8.x Standard client to run faster.  I've had to exercise t…
IBM Notes offer Encryption feature using which the user can secure its NSF emails or entire database easily. In this section we will discuss about the process to Encrypt Incoming and Outgoing Mails in depth.
Integration Management Part 2
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question