Sub domain DNS at Digital Ocean for Domino CertMgr DNS-01 requests  

By Daniel Nashed | 12/7/21 2:41 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

What can you do if your DNS provider does not support a DNS API? There are a couple of options. And there is one I am using for a while for testing the DNS TXT API at Digital Ocean. You can delegate a sub domain to Digital Ocean and use DNS challenges for the sub domain. And you can even redirect ACME request for the main domain via CNAME records to that validation domain.

One-Touch Domino JSON file validation in Domino 12.0.1  

By Daniel Nashed | 12/6/21 12:53 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

One-Touch Domino is one of my favorites features in Domino 12 when it comes to automated deployments. With Domino 12.0.1 there is a new validation tool for JSON files. It makes a lot of sense to validate before starting your server setup. There are two options 1. Check if the JSON format is valid --> that's something jq could also do for you and I am using this validation in my "domino setup json" start script option 2. Check if the JSON file is valid based on the current scheme! --> That's really very very helpful when writing JSON configuration files.

How to create exportable TLS Credentials with Domino 12.0.1  

By Daniel Nashed | 11/25/21 3:39 AM | Infrastructure - Notes / Domino | Added by Martin Pradny

CertMgr Domino 12.0.1 introduces export/import functionality. You can import existing PEM, PKCS12 and kyr files. If you mark them to be exportable during import or create an exportable key, you can export it later. This works with manual and also ACME (Let's Encrypt) flows.

Replace curl shipped with Windows with a recent version not build by Microsoft  

By Daniel Nashed | 11/19/21 1:42 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

While working on a OpenSSL server side project, I used curl.exe to test client cert authentication. It turned out that curl.exe shipped with Windows 11 is a quite old version -- last security patched end of 2019. The version is the exact same version I also see on Windows 10 (see details below). If you are using Curl on Windows, I would strongly recommend to replace Curl shipped with Windows, with a current Curl version provided by the Curl project directly!

Domino One Touch install on Ubuntu and Debian  

By Daniel Nashed | 11/8/21 2:12 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

I am still not a big fan of Domino on Ubuntu or Debian. And it still makes a lot of sense to stay on platforms that are close to the two fully supported platforms RHEL and SLES!!! But specially for me testing software and also supporting my start scripts, this installer makes a lot of sense to support those platforms. For Ubuntu and Debian I needed the work-around to change the shell from dash to bash during install.

Domino install challenges on Ubuntu 20.04 LTS  

By Daniel Nashed | 11/8/21 2:11 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro

There has not been any testing on my side for the start script on Ubuntu so far. But now that Ubuntu meets the basic requirements for Domino support, I took a quick look. There has been a live console issue, which I fixed in 3.6.1 today (already in the develop branch of the Domino Docker Community project). But it turned out that also the Domino install script has an issue on Ubuntu, because the default shell is dash instead of bash. Here are the technical details and a workaround.