By Sasa Brkic | 10/23/14 4:07 AM | - | Added by Per Henrik Lausten
We have a solution that is used by thousands of public sector workers.
The solution relies heavily on interacting with various web services provided by the tax authority, social welfare and health authorities and others.
So we have a lots of Domino web service consumers and providers that require both SSL and authentication using certificates.
Like many others we were aware of Domino's lack of support for TLS and SHA-2, but the web services providers were not insisting on them, so everything worked fine. Until last Friday, when one after the other turned off support for SSL v3. We could just watch as all our consumers stopped working.
Despite the recent technotes (1418982 and 1687167) stating that the fix will be available in "the next several weeks", we needed a working solution immediately.
We are familiar and have been using reverse proxies before. But it didn't seem they could be used in our case. A reverse proxy is often positioned in front of a server (provider), but in this case our Domino servers were clients (consumers).
But, it turns out that you actually can use reverse proxy even in this use case.