Domino server rating from F to A+ in seconds

Posted by:

Requirements:
Server running 9.0.1 FP4 and up

Background:
Running SSL Labs test on https://www.ssllabs.com/ssltest/index.html
Gives You low rating

Mission:
Increase rating

Step1:
Gather OCSP information
Goto Site and View certificate

Go to Intermediate certificate next to Your own and View Certificate

Go to Details and Authority Information and under Alternative name write down the URL.
In our case it is http://ocsp.starfield.com/

Step2:
Update notes.ini from console with the following, remember to replace the value of OCSP_RESPONDER with Your value from Step1.!!

set config DISABLE_SSLV3=1
set config HTTP_HSTS_MAX_AGE=17280000
set config HTTP_HSTS_INCLUDE_SUBDOMAINS=1
set config SSL_ENABLE_OCSP_STAPLING=1
set config OCSP_RESPONDER=http://ocsp.starfield.com/
set config OCSP_CLOCKSKEW=10
set config OCSP_LOGLEVEL=31
set config SSLCipherSpec=C030009FC02F009EC028006BC0140039C0270067C013

In Release 10 the last notes.ini SSLCipherSpec is not respected it must be set in Internet Sites\Security

a. Is most secure

b. If You have with a. You can use this and get a good rating anyway

Step3:
Restart HTTP task with following command:
restart task http

Now You can test Your server again and everything should be running fine

0

How to auto-configure mobile apps for IBM Connections/IBM Sametime

Posted by:

IBM is spending a lot of time and effort to develop and deliver top notch  iOS/Android apps for their social/collaboration solutions. IBM has developed mobile apps for the following products:

– IBM Connections
– IBM Sametime
– IBM Sametime Meetings

These apps can be downloaded from Apple/Google app stores. When you open one of these apps on your mobile device for the first time, you are prompted to add the hostname to the Connections/Sametime server,  the correct port, give the configuration a name and so on. This can be a little tricky for the user and can generate some unnecessary support calls to your Help-desk.

But there is a way to make this easier for the user. You can send or publish a URL, that  then clicked on will automatically configure the app with the correct server settings and so on. The user will then only need to enter her/his username and password to get connected to Connections or Sametime services. Below you have some examples on how these URLs can look like:

[Sametime Chat]
Please install IBM Sametime Meetings app and open the relevant link below to create a configuration for Greenhouse”
On Apple devices, use:
sametime://st85meetingsp.lotus.com:443/?action=AddCommunity&communityName=Greenhouse&ssl=true&authProxyReuseCredentials=true

[Sametime Meeting]
Please install IBM Sametime app and open the relevant link below to create a configuration for “Greenhouse”
On Apple devices, use:
stmeetings://greenhouse.lotus.com:443/stmeetings/configure?action=AddMeetingServer&serverName=Greenhouse&ssl=true

[IBM Connections]
Please install IBM Connections app and open the relevant link below to create a configuration for “Greenhouse Community”
For both iOS and Android devices use:
ibmscp://com.ibm.connections/launch?accountname=Greenhouse&accountserver=https://greenhouse.lotus.com/homepage

These URLs can then be sent by email to users or published on the corporate intranet (Connections of course…). The user then opens the email or intranet page on their mobile device and click on the link and the app gets auto configured 🙂

The above URLs are just a few examples on how to configure this apps. It is possible to add more logic to the URL, like users domain or even username. For more information about that, visit IBMs documentation, see below.

0