IBM Domino and Java problem with old applets

All the old Java applets that is YES in some old apps not yet converted used got another problem today on Domino 9 and 9.01. They are now blocked by Oracle because the code signing certificate is outdated, it seams like when they where updated to work with Java 1.7 45 the person who resigned them did that with an old certificate and now that cert is outdated and has been so for 1 month. If IBM or you want to keep track on when your code or SSL certs expires QNova Systems contract management system works really great for this purpose and many more things, contact me if you want to know more. An interesting thing will also to see if the new code cert created with SHA-2, because I don’t think you can get one with SHA-1 anymore and this will make Java 1.6 outdated because it doesn’t have support for SHA-2.

I’ll keep you updated on this matter.screen392

  1. Orlando Chacon

    Hi Fredrick,

    Was this Java applet cert expiration only a problem with Domino 7.0.2? Couldn’t you just upgrade the server to 8.5.3 or Domino 9x?

    • Fredrik Norling Fredrik Norling

      Well, the problem is with 9.0 and 9.01 that I have tested but probably with all the older versions also.

  2. There are more problems with the java 1.6 version that is being used on Domino and more to come soon.

    For example the new DHE ciphers with >1024 keysize (http://www-10.lotus.com/ldd/dominowiki.nsf/dx/TLS_Cipher_Configuration) can be used on Domino HTTP now, but not accessed from another Domino server due to java 1.6.

    We’ve opened a PMR last month.

  3. Just received this comment on our PMR:

    Unfortunately there are no plans to use 1.8 for the forseeable future.

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>