fighting for truth, justice, and a kick-butt lotus notes experience.

LE4D & Domino 11.0.1 on Windows issue - Problem importing certificates into keyring

 14 April 2020 10:35:58
Due to an issue with the JVM installed with Domino V11.0.1, Let's Encrypt 4 Domino a.k.a LE4D throws an error, when the tool tries to import the new / renewed certificate into the Domino keyring file.
It's only an issue when running the Domino server on Windows.


The agent calls the kyrtool and passes the required parameters to the tool.


On the Domino V11.0.1 console, you will see an error


13.04.2020 06:48:52 Agent error: java.io.IOException: Cannot run program "cmd.exe": Malformed argument has embedded quote: "d:\domino\kyrtool.exe" create -k "d:\domino\data\eknori_staging.kyr"

13.04.2020 06:48:52 Agent error: at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)

13.04.2020 06:48:52 Agent error: at java.lang.Runtime.exec(Runtime.java:621)

13.04.2020 06:48:52 Agent error: at java.lang.Runtime.exec(Runtime.java:486)

13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.tools.CommandProcessor.executeCommand(CommandProcessor.java:11)

13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.manager.Le4dManager.runKyrTool(Le4dManager.java:623)

13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.manager.Le4dManager.run(Le4dManager.java:205)

13.04.2020 06:48:52 Agent error: at de.midpoints.MPStarter.NotesMain(MPStarter.java:16)

13.04.2020 06:48:52 Agent error: at lotus.domino.AgentBase.runNotes(Unknown Source)

13.04.2020 06:48:52 Agent error: at lotus.domino.NotesThread.run(Unknown Source)

13.04.2020 06:48:52 Agent error: Caused by:



The problem is not in the LE4D code itself, because it runs on Domino V9.0.1FP10 and also on Domino V10.x and also on Domino V11.


It seemed to stop working after upgrading the server to V11.0.1, because of an update to a newer JVM version (>1.8.0_231-b11).


HCL already published a Technote about the issue:


https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0078230

To fix the error in Domino V11.0.1 do the following


If not already in place, create a new text file javaOptions.txt in the Domino DataDirectory


Add the following line to the javaOptions.txt file ( If you already have a javaOptions file, append the new entry to the existing lines in the file)


-Djdk.lang.Process.allowAmbiguousCommands=true


Save javaOptions.txt


Add the following line to the server notes.ini


JAVAOPTIONSFILE=/javaoptions.txt


Restart the server


When you now run the LE4D tool, everything should work!


We will update the LE4D documentation in the next few days.



Kommentare

1Matthias Leonhardt  05.06.2020 22:37:06  LE4D & Domino 11.0.1 on Windows issue - Problem importing certificates into keyring

This issue is only with windows. Correct?

Matthias

2Matthias  05.06.2020 22:45:38  LE4D & Domino 11.0.1 on Windows issue - Problem importing certificates into keyring

Oh, steht ja schon im Titel. Detlev, kannst den überflüssigen Kommentar löschen. Es ist halt schon spätabends.

3Remi Derasse  08.06.2020 23:52:00  LE4D & Domino 11.0.1 on Windows issue - Problem importing certificates into keyring

Hi,

Seems to apply to Domino 10.0.1 FP5 too ! Just raised the error this evening.

Remi

  •  
  • Hinweis zum Datenschutz und Datennutzung:
    Bitte lesen Sie unseren Hinweis zum Datenschutz bevor Sie hier einen Kommentar erstellen.
    Zur Erstellung eines Kommentar werden folgende Daten benötigt:
    - Name
    - Mailadresse
    Der Name kann auch ein Nickname/Pseudonym sein und wird hier auf diesem Blog zu Ihrem Kommentar angezeigt. Die Email-Adresse dient im Fall einer inhaltlichen Unklarheit Ihres Kommentars für persönliche Rückfragen durch mich, Detlev Pöttgen.
    Sowohl Ihr Name als auch Ihre Mailadresse werden nicht für andere Zwecke (Stichwort: Werbung) verwendet und auch nicht an Dritte übermittelt.
    Ihr Kommentar inkl. Ihrer übermittelten Kontaktdaten kann jederzeit auf Ihren Wunsch hin wieder gelöscht werden. Senden Sie in diesem Fall bitte eine Mail an blog(a)poettgen(punkt)eu

  • Note on data protection and data usage:
    Please read our Notes on Data Protection before posting a comment here.
    The following data is required to create a comment:
    - Name
    - Mail address
    The name can also be a nickname/pseudonym and will be displayed here on this blog with your comment. The email address will be used for personal questions by me, Detlev Pöttgen, in the event that the content of your comment is unclear.
    Neither your name nor your e-mail address will be used for any other purposes (like advertising) and will not be passed on to third parties.
    Your comment including your transmitted contact data can be deleted at any time on your request. In this case please send an email to blog(a)poettgen(dot)eu

Archive