fighting for truth, justice, and a kick-butt lotus notes experience.

 
alt

Detlev Poettgen

 

Announcing - Lets Encrypt for Domino - Just Do SSL

 23 August 2017 16:16:43
To enable HTTPS on your website, you need to get a certificate from a public Certificate Authority (CA). Let’s Encrypt is such a CA, which offers free trusted certificates. The only limit is that the certificates expire after 90 days. But you can renew them as often as you like.

There are several clients around to retrieve a certificate from Let’s Encrypt. But none of them offer a consistent way to automate the process, when using Domino as your HTTP-Server. Either the client tool is only available for Linux, or you have to install additional Perl/Python interpreter on your Domino server machine to run scripts. And then there is the Domino properitary keystore format :-(

We at midpoints were looking for a solution to get Let’s Encrypt certificates working together with Domino as close and automated as possible.
So we started the midpoints Let’s Encrypt 4 Domino project for internal use.

Let’s Encrypt for Domino == Let’s Encrypt 4 Domino == LE4D (spoken as lead)


After we got it working, we decided to make the tool available for free, because the Let's Encrypt certs are for free and so midpoints LE4D should be free, too. SSL is important and you should use it.

Yes, you can get  it for free!

Image:Announcing - Lets Encrypt for Domino - Just Do SSL

What midpoints LE4D will do in detail?

The short answer - A lot!

In more details:

- Creates a Let's Encrypt User and Domain Keys
- Creates and puts Let's Encrypt Challenge on your server
- Creates and sends the Signing Request CSR to Let's Encrypt
- Downloads the certificate
- Downloads the Key Chain
- Generates the Domino Key Ring files using the IBM KYRTOOL
- Merges the certificates and chain into the Key Ring
- Backups the generated certificates
- Restarts the HTTP Task
- Periodic Renewal of certificates, when needed

All you will need is our midpoints LE4D template.
Create a new application from the template, create a configuration for your domain and start an agent ( the agent can later be started on a scheduled basis using a program document to renew the certificates).


Interested? Then get your copy of midpoints LE4D today for FREE.

https://www.midpoints.de/LE4D


Ulrich Krause aka eknori and myself digged into the Let's Encrypt API to make LE4D possible. Thank you Ulrich that we together got it working!

And we would like to thank Let's Encrypt and the Let's Encrypt community to provide their great Let's Encrypt Cert service.

Kommentare

1Darren Duke  23.08.2017 22:03:48  Announcing - Lets Encrypt for Domino - Just Do SSL

Great stuff. I'll now shelve my development of such a solution....and I'm pretty sure I'm not alone in this.

Again, great stuff.

2Detlev Poettgen  23.08.2017 22:08:39  Announcing - Lets Encrypt for Domino - Just Do SSL

Thx Darren.

3Lars Berntrop-Bos  24.08.2017 00:47:45  Announcing - Lets Encrypt for Domino - Just Do SSL

Thanks!!

4Fredrik Norling  24.08.2017 08:13:03  Announcing - Lets Encrypt for Domino - Just Do SSL

Great work, thanks

5Bob Voith  24.08.2017 08:37:35  Announcing - Lets Encrypt for Domino - Just Do SSL

Fantastic, generous, thanks!!

6Manfred Dillmann  24.08.2017 10:54:11  Announcing - Lets Encrypt for Domino - Just Do SSL

Das ist klasse!

Vielen Dank Detlev und Ulrich!

Gruß

Manfred

7Henning Schmidt  24.08.2017 15:22:10  Announcing - Lets Encrypt for Domino - Just Do SSL

Awesome stuff Detlev! Comes in handy since my certificates are about to expire and I was thinking about Let's Encrypt. Perfect timing :-)

8Rene Thorarinsson  25.08.2017 08:25:08  Announcing - Lets Encrypt for Domino - Just Do SSL

Wow Awesome stuff.. The manual job of creating and merging keys into a keyring file og very troublesome - even when you follow Gaby's documentation, so this is GREAT.. Thanks..

9Ensar Yilmaz  28.08.2017 18:55:02  Announcing - Lets Encrypt for Domino - Just Do SSL

Great Tool. Works perfect for me!

Thank you very much!

10Andy Brunner  10.09.2017 16:24:34  Announcing - Lets Encrypt for Domino - Just Do SSL

Great tool. Thanks a lot for sharing it with us!

P.S. Works fine even on partitioned Domino servers.

Regards

Andy Brunner

11Per Christensen  21.09.2017 23:58:01  Announcing - Lets Encrypt for Domino - Just Do SSL

Hi,

Nice LE4D application - all seems great, except when running the 'letsencrypt' agent, i get the following java error message:

Agent Manager: Agent error: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: IBMJSSE2, class: com.ibm.jsse2.ah)

Can you help to make the agent run.

Regards

Per Christensen

12Detlev Poettgen  22.09.2017 10:40:50  Announcing - Lets Encrypt for Domino - Just Do SSL

Hello Per,

I just send you an email.

Archive