HCL Domino Ideas Portal
Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.
For more information and upcoming events around #dominoforever, please visit our Destination Domino Page
Hi All.
Use the new keyring cache ini variable to expand the number of domain certs past the default memory usage limit of 10. Add this to the notes.ini: SSL_KYR_CACHE_MAX_SIZE=50.
For us, at MW, the default 10 handled about 12 keyrings each containing one or more domains. HCL support says the cache is by the kyr file's cert file size (e.g. the CRT file that's imported), not the number of domains specfically. If you need more than the max 50, HCL needs to know. There is a new request to increase the limit to 100. If your Domino server runs many Web Site docs with lots of domain "aliases" (e.g. for marketing), you might run over the max 50 setting. https://domino-ideas.hcltechsw.com/ideas/DOMINO-I-1310
Very strange to wait Domino 11.0.1 to get this.
There is a workaround to host many HTTPS Websites with only one IP.
I developped this for a big company (bank)...
Thanks HCL!!
it will be implemented in Domino 11.0.1 (statement of HCL at Engage2020)
Without this I think there is a huge problem arguing for the plattform
My concern is with the Notes client. Even if Domino does not feel it necessary to support SNI in its web functionality, this should have been addressed in the Notes client years ago, rather than being 'considered for future releases', otherwise Domino/Notes will continue to lose market share. Major operating systems and browsers have supported SNI since 2012. Use of SNI-enabled SSL certificates is growing as Google is driving website to implement HTTPS, which means a lot more 'red-X' issues when we copy web information into a Notes document. See HCL case CS0008905 for more details.
It would indeed make things easier. Especially if you have your servers outsourced.
This is must for the future of the platform
Hello,
Referencing this case number again for check point. TS002340855
Customer asking for update if this will be featured/release on the upcoming fix packs or version of Domino. thanks!
Once we moved to SSL, our customers' Internet document routing intermittently fails, requiring use of the entire path rather than simply customer.mycompany.com. Going back to HTTP is not an option and making an investment in an IP address for every customer is prohibitive at this time.
Please take this on ASAP.
We currently work around this by keeping domino on HTTP only and sitting NGinX in front of it to do HTTPS/HTTP2. Seems to work quite effectively so far, supports SNI, single IP address.
Amen, Daniel!
We have our Domino server behind a haproxy load balancer. However due to HTTPS we currently need different IP adresses for each domain we host. Furthermore this results in a vast haproxy configuration file. Please bring this feature!
YES! A Must-have!
Yes, please, this is almost a requirement as more sites are requiring SSL, even for internal only traffic. Having to ask for a separate IP address for each web site is not going over well, plus adds more complexity to the configurations..
That would be huge help for several our our customers
Yes!
This would free up a bunch of our external IPs. I've done this via a reverse proxy, but then you have to maintain two server configurations -- not ideal - and definitely not the typical historical Domino way.
This would be a huge help especially for bringing Domino applications to the web. All major web servers support SNI.