LE4D & Domino 11.0.1 on Windows issue - Problem importing certificates into keyring
Detlev Poettgen April 14 2020 08:35:58 AM
Due to an issue with the JVM installed with Domino V11.0.1, Let's Encrypt 4 Domino a.k.a LE4D throws an error, when the tool tries to import the new / renewed certificate into the Domino keyring file.It's only an issue when running the Domino server on Windows.
The agent calls the kyrtool and passes the required parameters to the tool.
On the Domino V11.0.1 console, you will see an error
13.04.2020 06:48:52 Agent error: java.io.IOException: Cannot run program "cmd.exe": Malformed argument has embedded quote: "d:\domino\kyrtool.exe" create -k "d:\domino\data\eknori_staging.kyr"
13.04.2020 06:48:52 Agent error: at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)
13.04.2020 06:48:52 Agent error: at java.lang.Runtime.exec(Runtime.java:621)
13.04.2020 06:48:52 Agent error: at java.lang.Runtime.exec(Runtime.java:486)
13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.tools.CommandProcessor.executeCommand(CommandProcessor.java:11)
13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.manager.Le4dManager.runKyrTool(Le4dManager.java:623)
13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.manager.Le4dManager.run(Le4dManager.java:205)
13.04.2020 06:48:52 Agent error: at de.midpoints.MPStarter.NotesMain(MPStarter.java:16)
13.04.2020 06:48:52 Agent error: at lotus.domino.AgentBase.runNotes(Unknown Source)
13.04.2020 06:48:52 Agent error: at lotus.domino.NotesThread.run(Unknown Source)
13.04.2020 06:48:52 Agent error: Caused by:
The problem is not in the LE4D code itself, because it runs on Domino V9.0.1FP10 and also on Domino V10.x and also on Domino V11.
It seemed to stop working after upgrading the server to V11.0.1, because of an update to a newer JVM version (>1.8.0_231-b11).
HCL already published a Technote about the issue:
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0078230
To fix the error in Domino V11.0.1 do the following
If not already in place, create a new text file javaOptions.txt in the Domino DataDirectory
Add the following line to the javaOptions.txt file ( If you already have a javaOptions file, append the new entry to the existing lines in the file)
-Djdk.lang.Process.allowAmbiguousCommands=true
Save javaOptions.txt
Add the following line to the server notes.ini
JAVAOPTIONSFILE=D:\YourDominoDataDir\javaoptions.txt
Hint: Add the fullpath to the javaoptions.txt, otherwise the file will not be used. On Windows use a Backslash.
Restart the server
When you now run the LE4D tool, everything should work!
We will update the LE4D documentation in the next few days.
- Kommentare [6]