Certificate Error while integrating iNotes with Connections Files and Docs

I have recently integrated iNotes with Connections Files and Docs in an environment where Windows CA is being used.

After the configuration was completed there were the following errors in the iNotes GUI:

Domino Release 9.0.1FP7 HF409 (Windows/64)

$HaikuForm – 901FP7INHF90

Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

02/01/2017 09:06:11AM The supported IBM Docs file types cannot be retrieved due to an IBM Docs server error: 500

02/01/2017 09:06:11AM Error encountered retrieving data: Unable to connect to your Web server. Please retry your action at a later time.

02/01/2017 09:08:59AM status=500: { “error”: {“@code”:”1000″,”param” : [ {“@name”:”exception”,”value” : “javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: 3659″} ],”details” : “”}}

02/01/2017 09:09:25AM A problem has occurred which may have caused the current operation to fail.

The Domino Console was showing the following:

[11D8:000A-1F48] 01.02.2017 08:56:13 HTTP JVM: java.security.cert.CertificateException: 3659. For more detailed information, please consult error-log-0.xml located in E:/IBM/Domino/Data/domino/workspace/logs

The same error was logged in the “error-log-0.log” file.

The solution for this issue was to import the CA Certificate into the “cacerts” java security file on the Domino server. For this I used the ikeyman utility, you can also use “kyrtool” if you are familiar with it, just make sure you have a backup of the “cacerts” file if something goes wrong.

The “cacerts” file is located under: “<domino_installation_directory>\jvm\lib\security”.

“ikeyman” can be found in “<domino_installation_directory>\jvm\bin”.

Just start the “ikeyman” utility as an Administrator and open the “cacerts” java file.

Default PW of the “cacerts” file is “changeit”.

Click OK, and enter a new alias name for the certificate.

After that I just restarted the Domino server and the problem was solved.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s