Domino V12 ACME for company CAs using smallstep  

By Daniel Nashed | 10/19/20 3:05 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

The Let's Encrypt CA only works for web servers exposed to the internet (or at least public Domains in combination with your providers DNS). But the smallstep CA does now support the ACME protocol (RFC 8555) -- which is the underlying standard used by Let's Encrypt. I was looking for a way to deploy internal web server test certificates for my lab and ran into this. The whole setup took me like 10 minutes and it just works!

HCL Domino 12.0 on Docker Early Access October 2020  

By Daniel Nashed | 10/13/20 4:29 PM | Infrastructure - Notes / Domino | Added by Matteo Bisi

The new code drop is available with more preview features. One of the highlight features is TOTP. You can now use two factor authentication for HTTPS connections.

Easy kyr file creation with Early Access V12 in production  

By Daniel Nashed | 10/12/20 2:22 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

The kyr format is a really old propritary IBM format. Since Domino 9 the only way to create kyr files is to use the command-line kyrtool. It can only import existing key pairs + certificates. So the current flow is often to use OpenSSL to create a key pair and a CSR or to import existing key pairs with the matching certificates. That flow is going to change with Domino V12 completely. The CertMgr servertask and the cerstore.nsf will completely simplify the operation and remove the need for kyr files.

Let’s Encrypt Domino Early Access V12 in production  

By Daniel Nashed | 10/10/20 5:13 PM | Infrastructure - Notes / Domino | Added by Oliver Busse

We got the first two code drops for the early access program. The October code drop show be available soon. With new features .. This is a great opportunity for an early look and to provide feedback.

Domino HTTP show kyr file used  

By Daniel Nashed | 9/28/20 2:23 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

Just ran into "tell http show security" I did not notice it before. Can be useful to show the currently configured kyr file per website.

Install Docker 19.03 on CentOS 8+  

By Daniel Nashed | 9/25/20 5:16 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

RedHat is still shipping an older containerd version with CentOS 8 than what they shipped with CentOS 7. This blocks Docker 19+ installations. The only way to get Docker installed, is to use the -nobest option which will install Docker 18.x. But you really want to install Docker 19.03