Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Domino not switching to TLS 1.0

Posted on 2015-02-03
4
Medium Priority
?
896 Views
Last Modified: 2015-02-04
We need to do HTTPS on our Domino 8.5.2 servers.
Browsers no longer support SSL3.0
IBM indicates that Fix Pack 4 handles the "Poodle" issue: forcing TLS 1.0
We upgraded our server with lotus_domino852FP4.exe downloaded from IBM.
Problem:  it still doesn't work.  It looks like Domino HTTP is not forcing a switch to TLS 1.0.
All browsers (IE, Firefox, Chrome) report errors.  For example:
IE:  This page can’t be displayed.  Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://192.168.10.96  again. If this error persists, contact your site administrator. --> TLS 1.0 is on.

So it looks like the "fix" didn't take.  Or is there another configuration I missed.
0
Comment
Question by:Francois Koutchouk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 46

Accepted Solution

by:
Sjef Bosman earned 2000 total points
ID: 40587602
I suppose you followed the guidelines on this page: http://www-10.lotus.com/ldd/dominowiki.nsf/dx/IBM_Domino_TLS_1.0 and you downloaded 8.5.2 Fix Pack 4 Interim Fix 3. Correct?

Firefox is TLS enabled, so it seems, but you could maybe get more info using Force-TLS, see https://addons.mozilla.org/en-US/firefox/addon/force-tls/
0
 
LVL 2

Author Comment

by:Francois Koutchouk
ID: 40587668
Right on.  I loaded FP4... turns out I needed FP4 plus the FP4 Interim Fix3.  How in the world would anyone know that the FP4 downloaded from IBM did not contain, ah, fixes?!  Perhaps calling it FP5 would have confused the outside world a touch less!
In any case, thanks.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 40588106
"Oh no, oh nonononono.... Can't do that, sir, there's one FP every 4 months, so if there are big bugs we can't call it an FP. Oh no. That's an Interim Fix, see, and at the end of our 4 months we'll include the IF in the FP. Otherwise we'd have FPs all over the place. Would be bad, wouldn't it?"

Thanks! ;-)
0
 
LVL 2

Author Comment

by:Francois Koutchouk
ID: 40588371
Nice insight.  Though, one would have expected an FP5 at the next scheduled FP release, perhaps identical to the FP4 Fix 3.  Logic in blue, I gather!
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lack of Storage capacity is a common problem that exists in every field of life. Here we are taking the case of Lotus Notes Emails, as we all know that we are totally depend on e-communication i.e. Emails. This article is fully dedicated to resolvin…
IBM Notes offer Encryption feature using which the user can secure its NSF emails or entire database easily. In this section we will discuss about the process to Encrypt Incoming and Outgoing Mails in depth.
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question