Paul_Albright 060000SFCX Visits (10705)
When using Java classes in Domino applications, occasionally additional rights need to be granted to allow these classes to run correctly. Historically these changes have been made to the Java.policy file in Domi
Good news! There is actually a way for us to keep these changes across upgrades and patches. Development has added the Java.pol file to allow users to make changes there and then this file is kept as is during the upgrade. The following technote discusses this in more detail:
IBM Java: How to customize "java.policy" and avoid changes being overwritten
Brian Erle (IBM) 1200008FU8 Visits (7008)
The use of certificates in IBM Mobile Connect (IMC) is prevalent. From securing incoming device requests, to securing connections to databases, authentication servers and application servers certificates are a part of the everyday operation of an IBM Mobile Connect deployment. When everything is working perfectly no one really worries about those certificates securing sessions until they expire and everything comes to a grinding halt. This can happen literally in the blink of an eye. What was a perfectly valid incoming device request a millisecond ago, is now an expired request. In the wg.log from IMC you will see a message which will look like this:
[ERROR] SSLPort: failed to attach secure connection, fd=21: [10.10.10.10:33622] GSK_ERROR_BAD_DATE (rc=401,ec=401)
Using the IBM Key Manager an administrator can examine the certificates used to secure incoming devices. By examining the certificate in the Personal Certificates view and then using the VIEW action you can check for the expiration date for the certificate and then execute on a plan to ensure that a new certificate to replace an expiring one is in place and ready to go prior to the expiration date of the present certificate. The ACTIVE certificate is the one with the asterisk '*' symbol next to it. When it comes time to use the new certificate select the certificate and View it, then choose the option near the bottom of that dialogue which allows you to set it to the Default certificate. In order for IMC to begin using this certificate a Stop and Start of the Connection Manager is required.
324:745822528 (Apr 18 2016
Please Note - the LOG and DEBUG logging levels are required to be active to see these messages. IBM IMC support and development recommend that only ERROR and WARNING log levels are used during normal production operation for optimal performance.
The above message indicates that a secure request was received, and accepted, and there was no error, and the last message will also indicate which HTTP Service (if there are multiple services configured) handled the request.
JFreeman (IBM) 11000082AY Visits (10964)
A new set of standalone JVM patch installers are available for Notes and Domino versions 8.5.3 Fix Pack 6 and 9.0.1 Fix Pack 5. Details on the vulnerabilities addressed by the patches are available in the two Security Bulletins linked below.
For download links to the installers, click on the JVM tab in the technotes linked below:
JFreeman (IBM) 11000082AY Visits (13131)
New Interim Fixes were released today for IBM Notes & Domino versions 9.0.1 Fix Pack 3 and 8.5.3 Fix Pack 6. Refer to the technotes linked further below for the fix lists and download links. Note: This set of Interim Fixes include fixes for the issues described in the following new Security Bulletin:
9.0.1 Fix Pack 3
8.5.3 Fix Pack 6