Recent
Domino CertMgr GitHub Repository with additional material 
By Daniel Nashed | 9/27/23 1:21 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
Documentation is always a challenge. This is specially true when it comes to complex topics like SSL/TLS certificates.
Many admins still use their old cook books to get certificates created.
When HCL introduced CertMgr in Domino 12.0 the team asked for feedback in the early code drops.
And the team is keeping asking in public and private forums since then.
We really need your help to get it right. We need detailed feedback and questions.
My new plan is to turn questions into FAQs and Howto documents in this GitHub repository.
Designer Client in Nomad Web
By Cormac McCarthy | 9/26/23 3:44 PM | Development - Notes / Domino | Added by Oliver Busse
One of the best things HCL have brought in over the previous few years have been really active early access and beta programs for releases.
One that probably doesn’t get enough attention if the one for Nomad for Web Browsers.
This year alone there’s been at least 8 different versions deployed to their Sandbox environment. (there may be more these are the versions I’ve used). It is the quickest way to see and give feedback on Domino Restyle updates.
Source Control is Coming – Again and Finally!
By David Leedy | 9/26/23 9:58 AM | Development - Notes / Domino | Added by Oliver Busse
Yesterday at Collabsphere I was in a great session by Dan Dumont that was simply titled “Source Control in Designer”.
Source control is nothing new to designer as we’ve had this for years. I think there are at least 6 episodes of NotesIn9 that either are dedicated or touch on source control.
Who moved my Domino keyfile.kyr files?
By Daniel Nashed | 9/25/23 2:00 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Domino security in 2023
Domino 12.0 introduced a new, standards based and open way to work with web server certificates.
Instead of using command-line tools like OpenSSL and the Domino kyrtool you can now manage all web server certificates in a domain wide certstore.nsf.
The new functionality based on the well known text based PEM standard for certificates provides simplified flows and automation options for all type of certificates.
Domino 12 also introduces the more modern ECDSA (sometimes referred as ECC) keys/certificates which are based on elliptic crypto which has dramatically less overhead.
Moving from keyfile.kyr to certstore.nsf
The legacy kyr files can be automatically imported into certstore.nsf with a single command-line operation (load certmgr -importkyr all).
Migrate MongoDB in HCL Connections Component Pack 8
By Christoph Stoettner | 9/22/23 3:31 AM | Infrastructure - Connections | Added by Roberto Boccadoro
The official documentation, “Migrating data from MongoDB 3 to 5”,
wants to dump the MongoDB databases in 3.6 and then restore this data into the newly deployed MongoDB 5.
One issue with this process is that we can’t run the two MongoDB versions in parallel on Kubernetes because the provided helm charts and container for MongoDB 3.6 stop running after Kubernetes 1.21. On the other side, the helm chart providing MongoDB 5 can’t be installed on those old Kubernetes versions. So the process to update is:
Migration process
Dump databases in MongoDB 3.6 (version delivered with Connections 7)
Update Kubernetes to 1.25 or 1.27
Restore MongoDB databases to version 5.0
So, you have to plan the process in advance because it is difficult to get the data when you forget something.
width=device-width,initial-scale=1,user-scalable=no Migrate MongoDB in HCL Connections Component Pack 8 · stoeps 49.642538;8.638950 DE Heppenheim, Germany 49.642538, 8.638950 Heppenheim The official documentation, “Migrating data from MongoDB 3 to 5”, wants to dump the MongoDB databases in 3.6 and then restore this data in
XPages Elements Beyond the NSF
By Paul Withers | 9/19/23 4:02 AM | Development - Notes / Domino | Added by Roberto Boccadoro
I do very little XPages these days, I have one application for personal usage that rarely gets updated. But it’s when applications rarely get touched that changes elsewhere on the server can have a big impact. I’m going to cover two here, the first raised by a discussion on Discord last week.
New Tiny Project: Wink Chattiness Patch
By Jesse Gallagher | 9/19/23 3:38 AM | Development - Notes / Domino | Added by Roberto Boccadoro
I've been using the Domino 14 betas for development for a while now, and one of the things that has driven me a little nuts is the way Wink spews a bunch of INFO-level logs to the server console when the XPages runtime initializes. You've probably seen it - this stuff:
It goes on for a while like that.
This isn't new with 14 as such - it's just that 14 now ships with Verse by default, and Verse uses the Wink distribution that came along with the Extension Library, and so now everyone sees this.
Quick Tip: What is Notes tryin' to tell me? // Oliver Busse
By Oliver Busse | 9/18/23 4:27 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Quick Tip: What is Notes tryin' to tell me? // Oliver Busse
Quick Tip: What is Notes tryin' to tell me? // Oliver Busse /hp.nsf/life.png width=device-width, initial-scale=1 /xsp/.ibmxspres/.extlib/bootstrap/xsptheme/xsp.css /xsp/.ibmxspres/.extlib/bootstrap/bootstrap320/css/bootstrap.min.css /xsp/.ibmxspres/dojoroot-1.9.7/dijit/themes/tundra/tundra.css /xsp/.ibmxspres/.extlib/bootstrap/xpages300.css https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css /hp.nsf/bs3_tweaks.css /hp.nsf/paper/bootstrap.css /hp.nsf/hp_tweaks.css /hp.nsf/google-code-prettify/prettify.css /hp.nsf/prettify-desert.css 12, hcl, notes, quicktip, wtf /xsp/.ibmxspres/.extlib/css/tagcloud.css Toggle navigation index.xsp Oliver Busse about.xsp About # Pages blog.xsp Blog tutorials.xsp Tutorials docu.xsp Docs http://de.slideshare.net/OliverBusse Slide Decks terms.xsp Terms domnav.xsp Domino Navigator other.xsp More # Projects http://www.openntf.org/main.nsf/project.xsp?r=proj
HCL Domino LEAP is not HCL Domino Volt anymore and it is even better - Javi's Blog
By Javier Sanchez | 9/18/23 4:26 AM | Development - Leap / Volt | Added by Roberto Boccadoro
he “HCl Domino Volt“ brand passed away. Maybe to avoid the confsion with the new and fancy Volt Mx product, HCL had decided to rebranded to “HCL Domino Leap“. And it still getting more and more functionality. That point makes the product more “complete” and enlarge the number of use cases that you can resolve with HCL Domino Leap.
At the beginning, HCL Domino Volt was a “NoCode” development product too focused (or limited) on data entry for not-too-complex applications. This meant that there were very few use cases that Volt was suited to. While it had a unique simplicity in creating responsive web forms, was a fact that the product lacked in data presentation options.
It gradually improved and also increase in the integration options with our Domino applications. Not only from REST applications, but we would also have direct access to the data included in our Domino applications with the UniversalID or across a traditional Notes view.
Upgrading Notes client to V12 on Terminal Server
By Roberto Boccadoro | 9/13/23 12:07 PM | Infrastructure - Notes / Domino | Added by Oliver Busse
I worked with my friend and lady geek, Marianna Tomasatti, at a customer to perform an upgrade of the Notes client to V12.0.2 FP1 on Terminal Server Windows 2019 Datacenter (multi-user installation) because the Notes clients had some issues.
XPages JEE 2.13.0
By Jesse Gallagher | 7/24/23 12:53 AM | Development - Notes / Domino | Added by Roberto Boccadoro
Today, I released version 2.13.0 of the XPages Jakarta EE Support project. Though there's not a single big banner feature, this one brings a number of good enhancements in a bunch of areas.
Deploy private npm packages into private containers using github actions
By Stephan Wissel | 7/17/23 2:33 AM | Development - Notes / Domino | Added by Roberto Boccadoro
GitHub Actions are rapidly becoming my favorite CI environment. Their marketplace has an action for everything. Sometimes it takes a little trial and error before things work smoothly. This is one of that stories.
Authentication is everything
Imagine the following scenario: you have developed a set of private TypeScript (or JavaScript) packages and have successfully deployed them to the private GitHub npm registry under the name @myfamousorg/coolpackage - where myfamousorg must match the repository owner (org or individual).
Now you want to use them in your application. That application shall be packed in a Container and made available in GitHub's private registry. All that automated using GitHub Actions.
Postman: The Crucial Tool for Any Microservice Developer
By Paul Withers | 7/17/23 2:32 AM | Development - Notes / Domino | Added by Roberto Boccadoro
My history with REST development is long. In 2018, before I joined HCL, I delivered a session “Domino and JavaScript Development Masterclass” at IBM Think. When I posted about my development tools in 2017, Postman - then just a Chrome plugin - was key amongst them. Then in 2020 I posted an overview of Postman. And just as both John and I used Postman as a crucial tool when building the application we showed at our session at IBM Think, it’s the tool that should be used by anyone doing anything with microservices - which is what every scope your create for Domino REST API is.
Admin Client - custom icons for each domain?
By Thomas Hampel | 6/13/23 2:39 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
When you have to manage multiple Domains in your Admin client, finding the right domain
This example here is just showing two Domino Domains, but there are admins out there with 100+ domains to manage.
Maybe you want some custom icons then?
Time matters with SAML - XPageDeveloper.com
By Fredrik Norling | 6/5/23 2:31 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Keeping you servers time synked is important for server operations to keep running smoothly. And if you are using SAML it’s crucial because if your servers time drifts away you will get BAD SAML REQUEST and your users can’t login. To find out if this is the problem add DEBUG_SAML=31 (Set it to 0 to turn it off) in your notes ini and look for this entry.
Kicking the Tires on Domino 14 and Java 17
By Jesse Gallagher | 6/5/23 2:28 AM | Development - Notes / Domino | Added by Roberto Boccadoro
As promised, HCL launched the beta program for Domino 14 the other day. There's some neat stuff in there, but I still mostly care about the JVM update.
I quickly got to downloading the container image for this to see about making sure my projects work on it, particularly the XPages JEE Support project. As expected, I had a few hoops to jump through. I did some groundwork for this a while back, but there was some more to do. Before I get to some specifics, I'll mention that I put up a beta release of 2.13.0 that gets almost everything working, minus JSP.
Now, on to the notes and tips I've found so far.
Domino V14 backup for notes.ini
By Daniel Nashed | 6/1/23 2:03 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Domino backup is around since 12.0 and it got improvements in every release.
There are not many current AHA ideas for Domino Backup & Restore.
One smaller feature you can see in EAP1 is the backup of the notes.ini.
How to use Domino OTS on Kubernetes to import an existing TLS Certificate
By Daniel Nashed | 5/30/23 12:05 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Domino One Touch Setup has been designed with flexibility in mind, with special focus on getting a server up in a secure way.
On Docker you can just mount PEM files into the container. On Kubernetes TLS Certificates and Keys are stored in secrets.
Personally I am not a big fan of storing PEM files on disk. But you could at least set a password on the PEM file you import.
Here is a basic example how to create a secret on K8s and reference it in OTS.
Even the simple environment variable setup supports the security settings for CertMgr.
Of course the same functionality is also available with the more flexible JSON based configuration.
Importing trusted MicroCA Roots for a Nomad Lab environment
By Daniel Nashed | 5/29/23 12:39 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Yesterday I worked on a lab configuration based on Windows Sandbox, Domino and Nomad Web.
The biggest challenge is to have a trusted certificate for Nomad Web.
Nomad Server running with the Micro CA
A Nomad Server can use Domino CertMgr Micro CA Certs. But the root is not trusted in your browser.
I took a closer look and came up with a simple solution. which makes the import dramatically easier.
No more searching for the right trust store and handling PEM files manually.
XPages JEE 2.12.0: JNoSQL Views and PrimeFaces Support
By Jesse Gallagher | 5/29/23 12:36 AM | Development - Notes / Domino | Added by Roberto Boccadoro
Last week, I put up version 2.12.0 of the XPages JEE Support project. Beyond the usual fit-and-finish bits here and there, there are two main improvements in this release.
Jakarta NoSQL Views
Jakarta Faces and PrimeFaces
Get prepared for Notes/Domino V14 Early Access Code Drop 1
By Daniel Nashed | 5/26/23 9:32 AM | Business - Events / People | Added by Oliver Busse
You can get hands on experience with Notes/Domino V14 end of this month. Here are some tips to get prepared.
All of the software is only intended for non-production use! So you should prepare a VM to get started.
But you should really take a look and have a try. Specially for business partners this is a call for action to test their applications with the updated back-end components.
As announced earlier Notes/Domino moved to up to date compilers and a newer Java version. Also the client is 64bit only.
I hope to see many of you in the EAP forum or at DNUG conference face to face.
Tuning Domino Servers for TLS sessions
By Daniel Nashed | 5/24/23 2:13 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
My previous post was mainly about HTTP traffic and I mentioned TLS/SSL don't use the maximum number of connections settings, because they have a SSL/TLS session.
Establishing a new TLS session has significant overhead! And you have to make sure in any application, that those sessions are cached and resumed.
I revisited a blog post from 2012 where I explained a fix, which went into 8.5.3. And was enabled in 8.5.4 by default (which turned into the 9.0 release when shipped as far I recall).
There was an issue with the session cache and a new cache had been implemented in 8.5.3. Today the new cache is the default and SSL_USE_ADDSESSION2=1 does not exist any more.
HCL Connections Mail Plug-in Deployment – Missing Information in the Documentation
By Milan Matejic | 5/23/23 12:18 AM | Infrastructure - Connections | Added by Roberto Boccadoro
If you are planning to deploy the HCL Connections Mail Plug-in, take note of the KB0092821 knowledge base article. This is a mandatory step that must be done in HCL Connections 8 CR1 and newer environments. If the steps described in KB0092821 article are not followed, you will get the following error message in the browser console: Error: Unable to load https://<mailserver_hostname> status: 403
Domino on CentOS/RHEL compatible Linux - Timezone issues
By Oliver Busse | 5/19/23 1:34 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
With a new customer server we stumbled upon a strange behaviour using our low-code platform Aveedo we never saw before. We created the server at Hetzner using the Rocky 9 base installation. Rocky is binary compatible with RHEL and should be used in favour of CentOS in general as it is newer and still maintained.
Build mongodb5 image for Component Pack with Buildah
By Christoph Stoettner | 5/17/23 7:14 AM | Infrastructure - Connections | Added by Wannes Rams
Build Mongodb5 Image For Component Pack With Buildah
Workspace all grey - no icons - workaround
By Jesper Kiær | 5/17/23 6:30 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
If you are running Notes 12.0.2 or higher you will for sure at some point run into an error were the workspace tabs fills out the entire workspace and you can not access you workspace database icons no more. There is nothing you can do in the UI to fix it.
The problem is due to a new setting in the notes.ini and and is easy fixable, if you know what to fix
Attachment is missing from meeting invitation
By Rainer Brandl | 5/11/23 1:53 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Today I received an information from a friend at HCL (a.k.a. "Wickerl" ) that attachments get lost when sending a meeting invitation to another Domino Domain. In the HCL Software Forum a user complained that this issue also occurs when sending a meeting invitation to external users.This issue is described in SPR # SJOICG3K9F.
HCL Domino 12.0.2: removed user-maildatabase in a cluster symmetry configuration is repaired after removed on 1 server.
By Remco Angioni | 5/8/23 1:01 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
n HCL Domino 12.0.2 we discovered that when we delete users, some maildatabases are repaired back to the home/mail Domino server……running on Windows servers.
Like all of you know, when removing a user from a clustered Domino environment, the cldbdir entry for that database is altered to REPAIR:DISABLED. Repair is not allowed for that database. We raised a ticket because we noticed, ofcourse, that this was not the case for some users we removed. The database was repaired from another clustermember. This left us with 2 maildatabases and NO persondocument.
Domino Server: Let adminp handle renames in maildatabases, but don’t delete users in name fields.
By Remco Angioni | 5/5/23 1:26 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Ever wondered why adminp treats a deletion the same as a rename when you have set the Administration Server Action to Modify all Names fields? Well, I did. I can imagine why a rename should be performed on all mail and calendar items, but a user deletion?????? Why you want that to happen at all?Why remove the evidence that someone have sent me an email or have sent me a meeting request? It doesn’t make sense at all to me.
That’s why I was searching for a way to tell Domino not to delete users in names fields, just renames when using adminp in maildatabases. And there it is, the solution.
The Loose Roadmap for XPages Jakarta EE Support
By Jesse Gallagher | 5/5/23 1:23 AM | Development - Notes / Domino | Added by Roberto Boccadoro
At Engage, HCL officially announced Java 17 in Domino 14 (I'm sure they announced other things too, but I have my priorities). This will allow me to do a lot in pretty much all of my projects, but it's particularly pertinent to XPages JEE.
Currently, the project targets generally Jakarta EE 9, which came out in late 2020 and was "just" a switch from javax.* to jakarta.*, with no official new features. However, Jakarta EE 10 came out a year ago - in addition to bringing a raft of new features, it also bumped the minimum Java version to Java 11, pushing it outside of Domino's realm. Accordingly, I've had to hold off on a lot of major- and minor-version bumps in the XPages JEE project as new releases started being compiled for Java 11. Once V14 is out, though, I'll be able to move to the current JEE platform... at least until JEE 11 comes out next year and requires Java 21, anyway.
So I've been working on how I'm going to approach this, and what I'm thinking is that I'll do it in two phases: first, a final 2.x release that provides Java 17/Domino 14 compatibility for existing components, and then a new 3.x breaking-changes release to bring in Jakarta EE 10 components.