June OpenNTF Webinar - Domino V12 Certification Manager
Managing SSL certificates in Domino was always a challenge. The certificates had to be created using OpenSSL and then imported into a key ring file using the kyrtool. Both tools were command line based.
Now in V12, HCL has introduced the Certificate Manager. This will greatly simplify the the process of using certificates in Domino. And there are other security enhancements that will be covered in the webinar.
Daniel Nashed, an HCL Lifetime Ambassador, will walk us through the setup and use of the new Domino V12 Certificate Manager. This webinar is a must for any Domino admins (and developers too!)
How to deliver industry standard browser security to the native Domino HTTP stack, using company-wide wildcard certificates deployed across all platforms.
Domino Server Health - Monitoring and ManagingGabriella Davis
If you're a Domino administrator how do you decide what to monitor on your servers and how to manage them ? What are the key things to monitor? How do good practice management tools such as statistics reporting, DDM, cluster symmetry, database repair and policy settings make your work lighter and faster. Finally we’ll talk about some of the “must dos” in the day, week and month of a Domino admin.
Presented at Engage.ug in Brussels May 2019
In this session (reloaded for Notes V11), you will learn how easy it can be to maximize Notes client performance. Let Chris show you, what can be tuned and how to resolve the best possible performance for your Notes client infrastructure. Discover tips and tweaks - how to debug your Notes client, deal with outdated ODS, network latency and application performance issues and the measurable benefit that provides to your users. You’ll discover the current best practices for streamlining location and connection documents and why the catalog.nsf is still so important. You will leave the session with the knowledge you need to improve your Notes V11 client installations and to provide a better experience for happier administration and happier end-users!
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesHoward Greenberg
While installing a new HCL Domino server is a relatively straight forward task, configuring the server properly requires knowledge. Lacking this knowledge means that several key steps may be missed resulting in a server with potential security and performance issues. Additionally there are several key features that will save you time on administration of the server. Domino server settings also affect the performance and security of custom applications. Even if you are a developer you should be aware of the options available when configuring a server.
Join our incredibly experienced presenters as they share their many years of Domino expertise. They will cover the finer details to correctly setup a Domino server environment that is optimized for performance, security and sustainable administration. Plus use this information presented in this webinar to modify and improve your existing server environment.
Presenters:
Heather Hottenstein, HCL Ambassador
Roberto Boccadoro, HCL Ambassador
Serdar Basegmez, HCL Ambassador
Additonal Panelists (Q and A)
John Paganetti, HCL
You may be a pro at administering a Domino server, but that doesn't mean you understand everything under the hood. Learn the no-fuss, no-frills, simple explanations of the most common Domino concepts and find out exactly how they work, and how to apply this knowledge to help avoid problems and improve performance. You'll learn how reader fields work, how replication and cluster replication works, mail routing including SMTP, the secrets of ACLs, ID file details, Adminp, busytime, cross-certification, recertifying, Domino domains, transaction logging, view indexes, and more. Learning the entire concept behind the "stuff" that's in Domino will make you a better troubleshooter, a faster problem-solver, and an all-around great admin!
How to deliver industry standard browser security to the native Domino HTTP stack, using company-wide wildcard certificates deployed across all platforms.
Domino Server Health - Monitoring and ManagingGabriella Davis
If you're a Domino administrator how do you decide what to monitor on your servers and how to manage them ? What are the key things to monitor? How do good practice management tools such as statistics reporting, DDM, cluster symmetry, database repair and policy settings make your work lighter and faster. Finally we’ll talk about some of the “must dos” in the day, week and month of a Domino admin.
Presented at Engage.ug in Brussels May 2019
In this session (reloaded for Notes V11), you will learn how easy it can be to maximize Notes client performance. Let Chris show you, what can be tuned and how to resolve the best possible performance for your Notes client infrastructure. Discover tips and tweaks - how to debug your Notes client, deal with outdated ODS, network latency and application performance issues and the measurable benefit that provides to your users. You’ll discover the current best practices for streamlining location and connection documents and why the catalog.nsf is still so important. You will leave the session with the knowledge you need to improve your Notes V11 client installations and to provide a better experience for happier administration and happier end-users!
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesHoward Greenberg
While installing a new HCL Domino server is a relatively straight forward task, configuring the server properly requires knowledge. Lacking this knowledge means that several key steps may be missed resulting in a server with potential security and performance issues. Additionally there are several key features that will save you time on administration of the server. Domino server settings also affect the performance and security of custom applications. Even if you are a developer you should be aware of the options available when configuring a server.
Join our incredibly experienced presenters as they share their many years of Domino expertise. They will cover the finer details to correctly setup a Domino server environment that is optimized for performance, security and sustainable administration. Plus use this information presented in this webinar to modify and improve your existing server environment.
Presenters:
Heather Hottenstein, HCL Ambassador
Roberto Boccadoro, HCL Ambassador
Serdar Basegmez, HCL Ambassador
Additonal Panelists (Q and A)
John Paganetti, HCL
You may be a pro at administering a Domino server, but that doesn't mean you understand everything under the hood. Learn the no-fuss, no-frills, simple explanations of the most common Domino concepts and find out exactly how they work, and how to apply this knowledge to help avoid problems and improve performance. You'll learn how reader fields work, how replication and cluster replication works, mail routing including SMTP, the secrets of ACLs, ID file details, Adminp, busytime, cross-certification, recertifying, Domino domains, transaction logging, view indexes, and more. Learning the entire concept behind the "stuff" that's in Domino will make you a better troubleshooter, a faster problem-solver, and an all-around great admin!
IBM Traveler Management, Security and PerformanceGabriella Davis
Traveler is a core component of most companies’ mail infrastructure but its maintenance and security goes far beyond Domino server management. In this session we’ll look at a Traveler environment from daily tasks to enforcing TLS and starting with understanding how Traveler behaves. We’ll review both standalone and high availability configurations and discuss common problems, as well how best to plan and design a secure and stable infrastructure.
How to configure IWA / SPNEGO for IBM Domino enabling Windows authenticated users to access Domino web applications without being prompted for further authentication
Admin Tips In 60 Minutes
In this high speed session I take you through the best admin tips for Domino, Notes, Sametime, Traveler and more. From notes.ini values, to server configuration settings and valuable customisations.
Some tips will be new to v10 and some have been around but rarely used for years.
Whatever your experience there will be something new for you to take away and enjoy.
Presented at Engage.ug in Brussels May 2019
Session from NCUG. Stockholm 12.06.2019.
Basic Domino Performance Tuning. Ideas how to improve performance, statistics how to get information that we have issues and how to fix them
Bewährte Praktiken für HCL Notes/Domino-Sicherheit. Teil 2: Der Domino-Serverpanagenda
Aufnahme: http://pan.news/20210420de
Abstract: Server sind das Rückgrat Ihrer IT-Umgebung. Deren Sicherheit ist für jeden IT-Profi von größter Bedeutung. Besonders bei Servern mit Fernzugriff wird dies zu einer heiklen Angelegenheit. Es ist ein schmaler Grat zwischen der komfortablen Nutzung auf der einen Seite und dem Schutz gegen Angreifer auf der anderen Seite.
Zu den Sicherheitsbedenken gehören die mangelnde physische Sicherheit von Geräten, die Verwendung ungesicherter Netzwerke, die ungewollte externe Verfügbarkeit interner Ressourcen und der unbefugte Zugriff aus dem eigenen Unternehmen.
HCL Domino ist eine leistungsfähige und ausgereifte Serverplattform mit einem großen Funktionsumfang. Das macht sie zwar zu einer guten Wahl für viele Anwendungen, bedeutet aber auch, dass es viele potenzielle Möglichkeiten gibt, sich angreifbar zu machen.
In diesem Webinar helfen Ihnen unsere Experten, jeden Aspekt der Absicherung Ihrer Domino-Umgebungen zu betrachten:
• Lernen Sie die Grundlagen der Domino-Server-Sicherheit kennen
• Beheben Sie Probleme mit der Standardkonfiguration und vermeiden Sie häufige Fallstricke
• Sorgen Sie für einen sicheren Zugriff über Notes-Client, HTTP oder SMTP
• Richten Sie eine Datenbank-Zugriffskontrolle für Ihre gesamte Infrastruktur ein
• Schützen Sie Ihre Server vor internen Angriffen
• Vermeiden Sie Schwachstellen, indem Sie Domino-Server und Betriebssystem auf dem neuesten Stand halten
Alles, was Sie ueber HCL Notes 64-Bit Clients wissen muessenpanagenda
Webinar Recording: https://www.panagenda.com/webinars/alles-was-sie-uber-hcl-notes-64-bit-clients-wissen-mussen/
Es hat eine Weile gedauert, aber jetzt stehen die Chancen gut, dass es mit der Veröffentlichung von HCL Domino 12.0.2 endlich einen HCL Notes 64-Bit-Client geben wird! Zeit, sich zu freuen. Oder vielleicht doch nicht? Im ersten Augenblick mag man denken, dass ein einfaches Upgrade ausreicht, um den Wechsel auf 64-Bit Clients zu vollziehen. Aber wann war das Leben jemals so einfach?
Beim Upgrade auf einen HCL Notes 64-Bit-Client gibt es einige Dinge zu beachten: Änderungen des Installationsortes, Probleme mit gewissen Code-Konstruktionen in Domino-Anwendungen sowie Add-Ins von Drittanbietern sind nur einige der Stolpersteine auf dem Weg. Außerdem sind, wie bei der Einführung jeder neuen Software, wichtige Überlegungen zu Leistung, Stabilität und Sicherheit zu berücksichtigen. Darauf wollen Sie natürlich vorbereitet sein.
In unserem Webinar über die Ausführung von HCL Nomad Konfigurationen auf jedem Gerät haben wir gezeigt, dass MarvelClient Roaming bei der Lösung vieler Herausforderungen helfen kann. Das Programm ermöglicht die automatische Sicherung, Wiederherstellung und gemeinsame Nutzung von Konfigurationen (Desktop, aktuelle Anwendungen, Einstellungen und mehr) für HCL Nomad auf verschiedenen Geräten.
Natürlich sind wir noch ein wenig weiter gegangen. In unserem Webinar und unserer Live-Demo über die Zusammenführung von HCL Nomad und Domino ohne SafeLinx haben wir Ihnen gezeigt, welche Voraussetzungen erforderlich sind, um Nomad Web direkt mit Domino zu betreiben. In den Video-Aufzeichnungen erfahren Sie, wie Sie den Nomad Web Server installieren und konfigurieren, wie er aus der Sicht eines Anwenders funktioniert und in welchen Szenarien Sie SafeLinx weiter nutzen sollten.
Nehmen Sie an unserem Webinar am 24. Januar teil, und Sie werden mit einem guten Verständnis aller Probleme und Überlegungen rund um den neuen HCL Notes 64-Bit-Client nach Hause gehen, so dass Sie Ihr weiteres Vorgehen mit Sicherheit planen können.
Dabei gehen wir besonders auf die folgenden Themen ein:
- Wie installiert man HCL Notes 64-Bit-Clients von Grund auf
- Wie aktualisiert man alte 32-Bit-Clients
- Was sind die alltäglichen Herausforderungen beim Betrieb von 64-Bit-Clients
- Leistung und Stabilität unter die Lupe genommen
- Die Probleme beim Design von Domino-Anwendungen
- Welche Abhängigkeiten mit Add-Ins von Drittanbietern bestehen
Domino Tech School - Upgrading to Notes/Domino V10: Best PracticesChristoph Adler
Are you looking to deploy Domino V10 but don’t know where to start? Upgrade servers or clients first? Should I upgrade the ODS? If you have questions like these, this session is for you. Get a complete understanding of the process to upgrade to Domino V10, and learn from best practices and tips from the field.
Alles was Sie über HCL Notes 14 wissen müssenpanagenda
Webinar Recording: https://www.panagenda.com/webinars/alles-was-sie-uber-hcl-notes-14-wissen-mussen/
Die Release von HCL Notes 14 ist immer noch in aller Munde. Wenn Sie an diesem Webinar teilnehmen, könnte die Version sogar schon verfügbar sein. Aufregend! Es gibt viel zu bestaunen: neue Version der JVM, neue Eclipse-Version, und der Client ist nur noch als 64-Bit-Version verfügbar – um nur einige Highlights zu nennen. Ein guter Zeitpunkt, um darüber nachzudenken, ob, wie und wann der Umstieg auf Notes 14 sinnvoll sein könnte. Seien Sie versichert, dass alle Antworten, die Sie brauchen, in diesem Webinar bekommen werden.
Nehmen Sie an unserem Webinar mit dem HCL-Botschafter und führenden Experten Marc Thomas teil. Sie erhalten einen umfassenden Überblick und können den geschäftlichen Nutzen, aber auch die Kosten einer Umstellung besser einschätzen. Alles, was Sie wissen müssen und tun sollten, egal ob Sie bereits mitten im Upgrade sind oder noch die Vor- und Nachteile abwägen.
Was Sie lernen werden
- Was ist neu in HCL Notes 14?
- Ist HCL Notes 14 die richtige Wahl für Sie oder ist Notes 12 besser?
- Was ist vor einem Upgrade zu beachten?
- Welche Herausforderungen bringen 64-bit Notes Clients mit sich?
- Welche Probleme sind bekannt und welche Lösungen gibt es?
- Tipps und Tricks, um das Meiste aus Notes 14 herauszuholen
Zusammenführung von HCL Nomad Web und Domino ohne SafeLinx - So gehtspanagenda
Webinar Recording: https://www.panagenda.com/webinars/zusammenfuhrung-von-hcl-nomad-web-und-domino-ohne-safelinx-so-gehts/
HCL Nomad Web ist der Weg in die Zukunft. Die Benutzer können frei entscheiden, wann, wo und wie sie die Anwendung nutzen wollen. Das ermöglicht nicht nur größere betriebliche Flexibilität, sondern trägt auch zu einer höheren Mitarbeiterbindung und Produktivität bei. Und wenn Sie HCL Nomad Web und Domino ohne SafeLinx betreiben, wird der Weg in die Zukunft noch viel einfacher.
Nun, Ihr Ziel ist gesteckt. Sie wollen Nomad Web nutzen – den neuen Client im Browser. Dabei gibt es leider noch einige Hürden zu überwinden. Glücklicherweise beseitigt Domino 12.0.2 eine große Hürde. Der neue Nomad Web Server auf Domino macht es möglich, dass Nomad Web direkt mit Domino kommuniziert. SafeLinx ist nunmehr optional. Es geht auch ohne zusätzliche Komplexität.
Nehmen Sie am 13. Dezember an diesem Webinar teil, in dem Marc Thomas, HCL Ambassador & panagenda Senior Consultant, Ihnen Tipps und Tricks aus der Praxis zeigt. Erwerben Sie die Fähigkeiten, die Sie benötigen, um Nomad Web direkt mit Domino zu betreiben und HCL Nomad Web und Domino ohne SafeLinx zu nutzen. Sie erhalten in diesem Webinar ein fertiges Rezept, mit dem Sie in Ihrer Umgebung loslegen können.
In unserem Webinar über die Ausführung von HCL Nomad-Konfigurationen auf jedem Gerät haben wir Ihnen gezeigt, dass MarvelClient Roaming Ihnen helfen kann, viele Herausforderungen zu lösen. Es ermöglicht Ihnen die automatische Sicherung, Wiederherstellung und gemeinsame Nutzung von Konfigurationen (Desktop, aktuelle Anwendungen, Einstellungen und mehr) auf verschiedenen Geräten mit Nomad. Es lädt Konfigurationen auf Ihre Domino-Server hoch, sobald sie geändert werden, und aktualisiert dann auf transparente Weise alle aktuellen und neuen Geräte, die von derselben Person verwendet werden, mit minimalen Netzwerk- und Verarbeitungsanforderungen. Dieses Mal gehen wir noch ein bisschen weiter.
Dabei gehen wir besonders auf die folgenden Themen ein:
- Inbetriebnahme von HCL Nomad Web und Domino ohne SafeLinx
- Wie Sie Nomad Web Server schnell installieren und konfigurieren
- Wie der Nomad Web Server aus der Sicht eines Benutzers funktioniert
- Szenarien, in denen der Einsatz von SafeLinx weiterhin sinnvoll ist
SSL certificates in the Oracle Database without surprisesNelson Calero
Presentation delivered on UKOUG conference in December 2019.
Abstract: Nowadays database installations are required to use secure connections to communicate with clients, from connecting to the database listener to interact with external services (for example to send emails from the database).
Also since a couple of years ago, it has been required to use stronger protocols like TLS 1.2 (SHA2 algorithm), which requires extra configuration in older database releases.
This presentation shows how SSL certificates work from a DBA perspective, which tools are available and examples of configuring and troubleshooting their usage from the Oracle database. It also explores the implications and how to implement TLS 1.2 and common errors found in real life usage.
IBM Traveler Management, Security and PerformanceGabriella Davis
Traveler is a core component of most companies’ mail infrastructure but its maintenance and security goes far beyond Domino server management. In this session we’ll look at a Traveler environment from daily tasks to enforcing TLS and starting with understanding how Traveler behaves. We’ll review both standalone and high availability configurations and discuss common problems, as well how best to plan and design a secure and stable infrastructure.
How to configure IWA / SPNEGO for IBM Domino enabling Windows authenticated users to access Domino web applications without being prompted for further authentication
Admin Tips In 60 Minutes
In this high speed session I take you through the best admin tips for Domino, Notes, Sametime, Traveler and more. From notes.ini values, to server configuration settings and valuable customisations.
Some tips will be new to v10 and some have been around but rarely used for years.
Whatever your experience there will be something new for you to take away and enjoy.
Presented at Engage.ug in Brussels May 2019
Session from NCUG. Stockholm 12.06.2019.
Basic Domino Performance Tuning. Ideas how to improve performance, statistics how to get information that we have issues and how to fix them
Bewährte Praktiken für HCL Notes/Domino-Sicherheit. Teil 2: Der Domino-Serverpanagenda
Aufnahme: http://pan.news/20210420de
Abstract: Server sind das Rückgrat Ihrer IT-Umgebung. Deren Sicherheit ist für jeden IT-Profi von größter Bedeutung. Besonders bei Servern mit Fernzugriff wird dies zu einer heiklen Angelegenheit. Es ist ein schmaler Grat zwischen der komfortablen Nutzung auf der einen Seite und dem Schutz gegen Angreifer auf der anderen Seite.
Zu den Sicherheitsbedenken gehören die mangelnde physische Sicherheit von Geräten, die Verwendung ungesicherter Netzwerke, die ungewollte externe Verfügbarkeit interner Ressourcen und der unbefugte Zugriff aus dem eigenen Unternehmen.
HCL Domino ist eine leistungsfähige und ausgereifte Serverplattform mit einem großen Funktionsumfang. Das macht sie zwar zu einer guten Wahl für viele Anwendungen, bedeutet aber auch, dass es viele potenzielle Möglichkeiten gibt, sich angreifbar zu machen.
In diesem Webinar helfen Ihnen unsere Experten, jeden Aspekt der Absicherung Ihrer Domino-Umgebungen zu betrachten:
• Lernen Sie die Grundlagen der Domino-Server-Sicherheit kennen
• Beheben Sie Probleme mit der Standardkonfiguration und vermeiden Sie häufige Fallstricke
• Sorgen Sie für einen sicheren Zugriff über Notes-Client, HTTP oder SMTP
• Richten Sie eine Datenbank-Zugriffskontrolle für Ihre gesamte Infrastruktur ein
• Schützen Sie Ihre Server vor internen Angriffen
• Vermeiden Sie Schwachstellen, indem Sie Domino-Server und Betriebssystem auf dem neuesten Stand halten
Alles, was Sie ueber HCL Notes 64-Bit Clients wissen muessenpanagenda
Webinar Recording: https://www.panagenda.com/webinars/alles-was-sie-uber-hcl-notes-64-bit-clients-wissen-mussen/
Es hat eine Weile gedauert, aber jetzt stehen die Chancen gut, dass es mit der Veröffentlichung von HCL Domino 12.0.2 endlich einen HCL Notes 64-Bit-Client geben wird! Zeit, sich zu freuen. Oder vielleicht doch nicht? Im ersten Augenblick mag man denken, dass ein einfaches Upgrade ausreicht, um den Wechsel auf 64-Bit Clients zu vollziehen. Aber wann war das Leben jemals so einfach?
Beim Upgrade auf einen HCL Notes 64-Bit-Client gibt es einige Dinge zu beachten: Änderungen des Installationsortes, Probleme mit gewissen Code-Konstruktionen in Domino-Anwendungen sowie Add-Ins von Drittanbietern sind nur einige der Stolpersteine auf dem Weg. Außerdem sind, wie bei der Einführung jeder neuen Software, wichtige Überlegungen zu Leistung, Stabilität und Sicherheit zu berücksichtigen. Darauf wollen Sie natürlich vorbereitet sein.
In unserem Webinar über die Ausführung von HCL Nomad Konfigurationen auf jedem Gerät haben wir gezeigt, dass MarvelClient Roaming bei der Lösung vieler Herausforderungen helfen kann. Das Programm ermöglicht die automatische Sicherung, Wiederherstellung und gemeinsame Nutzung von Konfigurationen (Desktop, aktuelle Anwendungen, Einstellungen und mehr) für HCL Nomad auf verschiedenen Geräten.
Natürlich sind wir noch ein wenig weiter gegangen. In unserem Webinar und unserer Live-Demo über die Zusammenführung von HCL Nomad und Domino ohne SafeLinx haben wir Ihnen gezeigt, welche Voraussetzungen erforderlich sind, um Nomad Web direkt mit Domino zu betreiben. In den Video-Aufzeichnungen erfahren Sie, wie Sie den Nomad Web Server installieren und konfigurieren, wie er aus der Sicht eines Anwenders funktioniert und in welchen Szenarien Sie SafeLinx weiter nutzen sollten.
Nehmen Sie an unserem Webinar am 24. Januar teil, und Sie werden mit einem guten Verständnis aller Probleme und Überlegungen rund um den neuen HCL Notes 64-Bit-Client nach Hause gehen, so dass Sie Ihr weiteres Vorgehen mit Sicherheit planen können.
Dabei gehen wir besonders auf die folgenden Themen ein:
- Wie installiert man HCL Notes 64-Bit-Clients von Grund auf
- Wie aktualisiert man alte 32-Bit-Clients
- Was sind die alltäglichen Herausforderungen beim Betrieb von 64-Bit-Clients
- Leistung und Stabilität unter die Lupe genommen
- Die Probleme beim Design von Domino-Anwendungen
- Welche Abhängigkeiten mit Add-Ins von Drittanbietern bestehen
Domino Tech School - Upgrading to Notes/Domino V10: Best PracticesChristoph Adler
Are you looking to deploy Domino V10 but don’t know where to start? Upgrade servers or clients first? Should I upgrade the ODS? If you have questions like these, this session is for you. Get a complete understanding of the process to upgrade to Domino V10, and learn from best practices and tips from the field.
Alles was Sie über HCL Notes 14 wissen müssenpanagenda
Webinar Recording: https://www.panagenda.com/webinars/alles-was-sie-uber-hcl-notes-14-wissen-mussen/
Die Release von HCL Notes 14 ist immer noch in aller Munde. Wenn Sie an diesem Webinar teilnehmen, könnte die Version sogar schon verfügbar sein. Aufregend! Es gibt viel zu bestaunen: neue Version der JVM, neue Eclipse-Version, und der Client ist nur noch als 64-Bit-Version verfügbar – um nur einige Highlights zu nennen. Ein guter Zeitpunkt, um darüber nachzudenken, ob, wie und wann der Umstieg auf Notes 14 sinnvoll sein könnte. Seien Sie versichert, dass alle Antworten, die Sie brauchen, in diesem Webinar bekommen werden.
Nehmen Sie an unserem Webinar mit dem HCL-Botschafter und führenden Experten Marc Thomas teil. Sie erhalten einen umfassenden Überblick und können den geschäftlichen Nutzen, aber auch die Kosten einer Umstellung besser einschätzen. Alles, was Sie wissen müssen und tun sollten, egal ob Sie bereits mitten im Upgrade sind oder noch die Vor- und Nachteile abwägen.
Was Sie lernen werden
- Was ist neu in HCL Notes 14?
- Ist HCL Notes 14 die richtige Wahl für Sie oder ist Notes 12 besser?
- Was ist vor einem Upgrade zu beachten?
- Welche Herausforderungen bringen 64-bit Notes Clients mit sich?
- Welche Probleme sind bekannt und welche Lösungen gibt es?
- Tipps und Tricks, um das Meiste aus Notes 14 herauszuholen
Zusammenführung von HCL Nomad Web und Domino ohne SafeLinx - So gehtspanagenda
Webinar Recording: https://www.panagenda.com/webinars/zusammenfuhrung-von-hcl-nomad-web-und-domino-ohne-safelinx-so-gehts/
HCL Nomad Web ist der Weg in die Zukunft. Die Benutzer können frei entscheiden, wann, wo und wie sie die Anwendung nutzen wollen. Das ermöglicht nicht nur größere betriebliche Flexibilität, sondern trägt auch zu einer höheren Mitarbeiterbindung und Produktivität bei. Und wenn Sie HCL Nomad Web und Domino ohne SafeLinx betreiben, wird der Weg in die Zukunft noch viel einfacher.
Nun, Ihr Ziel ist gesteckt. Sie wollen Nomad Web nutzen – den neuen Client im Browser. Dabei gibt es leider noch einige Hürden zu überwinden. Glücklicherweise beseitigt Domino 12.0.2 eine große Hürde. Der neue Nomad Web Server auf Domino macht es möglich, dass Nomad Web direkt mit Domino kommuniziert. SafeLinx ist nunmehr optional. Es geht auch ohne zusätzliche Komplexität.
Nehmen Sie am 13. Dezember an diesem Webinar teil, in dem Marc Thomas, HCL Ambassador & panagenda Senior Consultant, Ihnen Tipps und Tricks aus der Praxis zeigt. Erwerben Sie die Fähigkeiten, die Sie benötigen, um Nomad Web direkt mit Domino zu betreiben und HCL Nomad Web und Domino ohne SafeLinx zu nutzen. Sie erhalten in diesem Webinar ein fertiges Rezept, mit dem Sie in Ihrer Umgebung loslegen können.
In unserem Webinar über die Ausführung von HCL Nomad-Konfigurationen auf jedem Gerät haben wir Ihnen gezeigt, dass MarvelClient Roaming Ihnen helfen kann, viele Herausforderungen zu lösen. Es ermöglicht Ihnen die automatische Sicherung, Wiederherstellung und gemeinsame Nutzung von Konfigurationen (Desktop, aktuelle Anwendungen, Einstellungen und mehr) auf verschiedenen Geräten mit Nomad. Es lädt Konfigurationen auf Ihre Domino-Server hoch, sobald sie geändert werden, und aktualisiert dann auf transparente Weise alle aktuellen und neuen Geräte, die von derselben Person verwendet werden, mit minimalen Netzwerk- und Verarbeitungsanforderungen. Dieses Mal gehen wir noch ein bisschen weiter.
Dabei gehen wir besonders auf die folgenden Themen ein:
- Inbetriebnahme von HCL Nomad Web und Domino ohne SafeLinx
- Wie Sie Nomad Web Server schnell installieren und konfigurieren
- Wie der Nomad Web Server aus der Sicht eines Benutzers funktioniert
- Szenarien, in denen der Einsatz von SafeLinx weiterhin sinnvoll ist
SSL certificates in the Oracle Database without surprisesNelson Calero
Presentation delivered on UKOUG conference in December 2019.
Abstract: Nowadays database installations are required to use secure connections to communicate with clients, from connecting to the database listener to interact with external services (for example to send emails from the database).
Also since a couple of years ago, it has been required to use stronger protocols like TLS 1.2 (SHA2 algorithm), which requires extra configuration in older database releases.
This presentation shows how SSL certificates work from a DBA perspective, which tools are available and examples of configuring and troubleshooting their usage from the Oracle database. It also explores the implications and how to implement TLS 1.2 and common errors found in real life usage.
Learn how to load balance your applications following best practices with NGINX and NGINX Plus.
On-Demand Recording: https://www.nginx.com/resources/webinars/high-performance-load-balancing/
Join this webinar to learn:
* How to configure basic HTTP load balancing features
* The essential elements of load balancing: session persistence, health checks, and SSL termination
* How to load balance MySQL, DNS, and other common TCP/UDP applications
* How to have NGINX Plus automatically discover new service instances in an auto-scaling or microservices environment
About the webinar
You’ve built a great application and it’s gaining in popularity. Or maybe you already have a hardware load balancer and you’re looking to replace it with a software solution. In this webinar we’ll share the latest information on how to scale-out and load balance your applications with NGINX and NGINX Plus.
Training Slides: 302 - Securing Your Cluster With SSLContinuent
Watch this 41min training session on how to secure your Tungsten Cluster with SSL, looking at internal cluster communications as well as how to deploy SSL for the Tungsten Connector. It all starts off with some background information on what SSL is all about.
TOPICS COVERED
- What is SSL?
- Deploying SSL for Cluster communications
- Deploying SSL for Tungsten Connector
Radical changes in security have dramatic impact on load balancing. SSL/TLS is changing so rapidly that enterprises are forced to do a forklift upgrade of their hardware load balancers. However, with Avi's software load balancer, it’s as simple as a version update.
In this webinar, we will catch you up the latest SSL facts.
- SSL termination can be done with only software. And it has better security, scalability, and lower cost. That’s how Facebook and Google do it. Let’s see how.
- RSA and Elliptic-curve cryptography (ECC) have different implications for perfect forward secrecy (PFS), HTTP/2 and TLS 1.3 support. Let’s compare.
- SSL health score allows you to manage expiring certificates, automated certificate renewals, and notification alerts from a centralized control plane.
Full webinar: https://info.avinetworks.com/webinars-avi-tech-corner-episode-4
SSL Checklist for Pentesters (BSides MCR 2014)Jerome Smith
This presentation was made at BSides MCR 2014. It tackles the subject of SSL/TLS testing from the viewpoint of a penetration tester. It is a practical guide, broad in scope, focusing on pitfalls and how to check issues manually (as much as possible).
I already have updated material (including SNI and OCSP Stapling) for the next version. Look out for future content @exploresecurity and @NCCGroupInfosec.
Using MCollective with Chef - cfgmgmtcamp.eu 2014Zachary Stevens
It's time to move beyond SSH for infrastructure management.
MCollective is an awesome orchestration framework.
Chef is an awesome configuration management tool.
Contrary to popular belief, they work great together.
Speaker notes available here: https://dl.dropboxusercontent.com/u/369373/cfgmgmtcamp.eu%202014%20-%20Chef%20%26%20MCollective.pdf
Dynamic SSL Certificates and Other New Features in NGINX Plus R18 and NGINX O...NGINX, Inc.
On-Demand Link: https://www.nginx.com/resources/webinars/dynamic-ssl-certificates/
About the webinar
A key enhancement that we have introduced in NGINX Plus R18 is simplified provisioning of SSL/TLS certificates. More than 87% of websites now use SSL to encrypt communications over the Internet, with end-to-end encryption now the default deployment pattern for websites and applications. The explosion in certificates means some companies are managing many thousands of certificates in production environments. This calls for a more flexible approach to deploying and configuring certificates.
In this webinar we discuss how to load SSL certificates dynamically, along with other configuration, security, and reliability challenges, with new features in NGINX Plus R18 and NGINX Open Source.
An in-depth guide to VDI infrastructure delivering the best desktop/BYOD experience for your developers and other external knowledge workers. We will compare Amazon Workspaces with classic approaches to solving this challenge, and share best-practices for securing and managing a real-world production environment.
Speaker: Brett Looney, Solutions Architect, Amazon Web Services
NGINX: Basics & Best Practices - EMEA BroadcastNGINX, Inc.
On-demand recording: nginx.com/resources/webinars/nginx-basics-best-practices-live-emea
You have heard of NGINX and the benefits it can provide to your web application, but maybe you are not sure how to get started. There are a lot of tutorials online, but they can be outdated and contradict each other – making things more challenging.
This webinar will teach you how to:
* Install NGINX and verify it’s properly running
* Create NGINX configurations for reverse proxy, load balancing, and more
* Improve performance using keepalives and other NGINX directives
* Debug and troubleshoot using NGINX logs
Microsoft Azure Hybrid Cloud - Getting Started For TechiesAidan Finn
This is my "getting started for techies" presentation on using the Microsoft Azure public cloud to build hybrid cloud solutions in conjunction with Windows Server 2012 R2 Hyper-V and System Center.
This is my presentation from Denver Startup Week 2016 on security for applications and servers. This presentation covers everything you need to know about securing a Linux server and your application.
Similar to June OpenNTF Webinar - Domino V12 Certification Manager (20)
January OpenNTF Webinar - Backup your Domino Server - New Options in V12Howard Greenberg
Domino 12 introduced a new and very flexible Backup solution to bridge the gap between Domino and backup applications.
This session provides a jumpstart into this new functionality and technical background to understand the different types of integration options. Learn about the new backup feature in Domino 12 and discover how to integrate widely used backup solutions like Veeam. Watch the new backup feature in use with a live demo.
This will be a great session if you haven't been backing up your Domino server or are already using other backup solutions and want to integrate them better with Domino.
Your presenter will be Daniel Nashed from Nash!Com. He will answer your questions at the end.
For video go to openntf.org/webinars
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...Howard Greenberg
In this webinar OpenNTF members will discuss the Domino/Notes 12 features they like and suggest for everyone to check out!
The topics and speakers will be:
Time-based One-time Authentication (TOTP) - Roberto Boccadoro
TOTP allows multi-factor authentication. When users login to a Domino web server they have to provide a time-based one-time use password in addition to their usual name/password. This is done using a third party application like Google Authenticator, Authy or Duo Mobile on their mobile devices/computers.
Domino OSGI Tasklet Service (DOTS) - Serdar Basegmez
Create Domino server tasks using Java OSGI plugins. These can be scheduled and can interface with the server console using TELL commands.
One Touch Setup for Domino - Roberto Boccadoro
In previous versions of HCL Domino, setting up a Domino server involved multiple steps. Starting with Domino 12, you can use one-touch Domino setup to set up a server in just a single step.
September OpenNTF Webinar: Domino Online Meeting Integration (DOMI)
Many of our users rely on other meeting tools like Zoom, Teams, Webex, and GoToMeeting. Now Notes users can use their Notes client to integrate these meeting tools. Create, update and delete meetings from right within Notes! This webinar will focus on what DOMI is, how to install it, how it works, how to extend it and troubleshooting. The webinar will also dive deeper into parts that might be useful for your own day-to-day development
Speakers:
Paul Withers, HCL
Devin Olson, HCL
Rocky Oliver, HCL
August OpenNTF Webinar - Git and GitHub ExplainedHoward Greenberg
When OpenNTF began in 2001, source control was little known and sharing of code via the cloud was limited. Fast forward 20 years and GitHub is the dominant sharing site and git the standard technology for source control.
In this webinar Paul Withers and Jesse Gallagher will:
Demystify git
Explain Branching
Show what makes a high quality repository
How to take advantage of GitHub’s broad functionality
Get that coveted "Verified" badge
Go from source control zero to GitHub hero!
July OpenNTF Webinar - HCL Presents Keep, a new API for DominoHoward Greenberg
In 2019 the HCL Labs reimagined how a REST API for Domino should look like. The initial prototype was shared with selected customers and partner. Based on the feedback, Project KEEP will ship together with Domino.
KEEP allows applications to interact with Domino servers using simple HTTP calls directly from a browser, desktop or mobile app, or with a application server in the middle. To make this API accessible to a large audience open standards like OpenAPI or JWT were chosen over propriety implementations.
This session will introduce KEEP and the design principles and use cases. Data security and ease of use will be highlighted. Warm up your Postman clients and curl command lines and follow along!
The presenters for this session will be Stephan Wissel and Paul Withers from HCL.
March OpenNTF Webinar: Nomad Mobile - Tips and Tricks
Want to deploy your "classic" Notes client applications to mobile devices? Learn how HCL Nomad can deploy your Notes applications to your user's phones and tablets with no to minimal changes. Optimize those applications to really make those applications shine on mobile devices using new @Functions and LotusScript calls. Two presenters from HCL will share what Nomad Mobile is and the new functionality for optimization. Then see how a developer took an old Notes application and optimized it for Nomad and specific devices.
The speakers will be:
Thomas Hampel, HCL
Maxx Sutton, HCL
Theo Heselmans, HCL Lifetime Ambassador
Tom Van Aken, HCL Ambassador
February OpenNTF Webinar: Introduction to Ansible for NewbiesHoward Greenberg
This talk is for Domino admins and developers who would like to learn Ansible basics. Ansible is an automation engine to automate deployments. HCL provides a set of Ansible playbooks and roles to deploy a complete HCL Connections 7 environment. Come learn what Ansible is and why you should use it in this webinar.
The speaker will be:
Christoph Stoettener, HCL Ambassador
January OpenNTF Webinar: 4D - Domino Docker Deep DiveHoward Greenberg
This talk is for Domino admins and developers who would like to leverage containerization and want to get started navigating this jungle of technologies. Docker, Podman, Kubernetes, OpenShift, and more - we're going to explain when to use which platform and how to automate your deployments. The speakers will be:
Thomas Hampel, Director, HCL Product Management
Daniel Nashed, HCL Lifetime Ambassador
December OpenNTF Webinar: The Volt MX LotusScript ToolkitHoward Greenberg
Re-using business logic is key to expanding Domino applications beyond the Notes Client. HCL has introduced the Volt MX LotusScript Toolkit and invites the community to collaborate with us in its development. In this webinar HLC will outline the challenges and explain the design considerations. They will demonstrate and deep dive into the prototype code. See the flexibility beyond just Volt MX. Most importantly, learn how you can get involved to help shape the direction of this open source solution.
The speakers will be:
Paul Withers - HCL
Jason Roy Gary - HCL
Rocky Oliver - HCL
OpNovember Water Cooler Talk: The Mystery of Domino on Docker - Part 1Howard Greenberg
November Water Cooler Talk: The Mystery of Domino on Docker - Part 1
Why Use Docker for Managers, Developers, or Administrators - Christian Guedemann, Webgate
Docker Demo from a Developer Perspective - Dan Dumont, HCL
Using Docker for Admins - Roberto Boccadoro, ELD Engineering
For the video go to http://www.openntf.org/webinars
August Webinar - Water Cooler Talks: A Look into a Developer's WorkbenchHoward Greenberg
August Webinar - Water Cooler Talks: A Look into a Developer's Workbench
OpenNTF presents Water Cooler Talks, an irregular new series of webinars to provide a stage for individuals sharing their stories, experiences and best practices with their peers.
This month's topic is all about developers' workbenches. As developers we all have tools and routines we use to develop, collaborate and test our applications. We have experienced lots of issues and made mistakes and have a workflow that does the job, but may not be ideal. Are there better ways to do our jobs? Come learn from your fellow developers in this webinar that looks at the typical toolbox and workflow routines of several OpenNTF Board members and how they develop apps, manage tasks, track bugs, handle versioning and more.
Howard Greenberg develops Notes/Domino/XPages applications for a variety of clients. Come learn how he uses source control in Domino Designer along with SourceTree and BitBucket to collaborate with his clients and maintain a history of all changes.
Jesse Gallagher develops XPages and webapp projects that target Domino. He will present his development environment and discuss using Maven and Jenkins to automate builds and delivery.
Serdar Basegmez utilizes Domino to create RESTful APIs for his clients. He will present his development environment and share some tips on Eclipse configuration, deployment and testing Domino plugins.
View the video at https://youtu.be/AMbQ5H4dEvw
July 2020 OpenNTF Webinar - Hear the Latest from the User Groups!Howard Greenberg
Come learn what all the user groups have been doing and what their future plans are in this COVID world. We have user groups from all over the Planet including:
DNUG (Germany) - Daniel Reichelt and Andreas Weinbrecht
Let's Connect (Worldwide) - Wannes Rams and Maria Nodin
Rnug (Russia) - Vladislav Tatarincev and Ivan Kuzmenkov
HCL Factory Tour - Tim Clark
Collabsphere (US) - Richard Moy
NCug (Scandinavia) - Hogne Bo Pettersen
Sutol (Czech Republic) - Jan Valdman
Engage (EU) - Theo Heselmans
C3UG (Canada) - Graham Acres
Watch the video at https://youtu.be/aDUrWxGaK-Q
OpenNTF June Webinar - What's New at HCL?
Learn what is new at HCL and the Digital Solutions products! Find out the latest news and what HCL has planned in this exciting webinar on June 18th at 11:00 am EST (3pm GMT).
Agenda
Welcome to the OpenNTF Webinar - Howard Greenberg and Graham Acres
Top of Mind, what's new at HCL Digital Solutions - Richard Jefts, HCL
What's New from the Digital Solutions Labs - Jason Gary, HCL
Domino, Notes, and Volt Update - Andrew Manby, HCL
Sametime Update - Ginni Saini, HCL
Connections Update - Adam Gartenberg, HCL
Digital Experience Update - David Strachan, HCL
Questions and Answers - Everyone
View the video at https://www.youtube.com/watch?v=xNMu4AyIeIM
OpenNTF Webinar Series - Essential Projects You Want to Know About
Come join us and learn how OpenNTF projects can maximize Domino in your organization. In this webinar we will spotlight several popular projects. Whether you are a developer, admininstrator or manager you will see how these projects can maximize your return on your Domino investment.
Wine Tasting App - See how an old stodgy Notes client application was quickly turned into a mobile application using Nomad presented by Theo Heselmans.
DQL Explorer - This application will allow fast queries to huge Domino databases using the new Domino Query Language. This application is ready to deploy and is a great example of how to use LotusScript to do queries. Presented by Luis Guirigay.
OpenLog - this project allows for logging messages and errors in one common log database regardless of the programming language. Why search in 5 different logs to find out why your application is failing? Presented by Paul Withers.
NSF ODP Tooling - Create an application without Designer? Add to Eclipse to support autocompletion? Export an NSF to an ODP (On Disk Project)? Learn how to bring your Domino development tooling into the modern ages using Maven presented by Jesse Gallagher.
OpenNTF Domino API - Get the latest status on this project presented by Jesse Gallagher.
The recording of this webinar is at https://www.youtube.com/watch?v=wW9pQZn1fSc&list=PLaDSIoof-i94x9MWTp5jZWuHL8PqK8efH
BP101 - Can Domino Be Hacked? Lessons We Can Learn From the Security Community from MWLUG-2017 with Howard Greenberg and Andrew Pollack
The Open Web Application Security Project (OWASP) is an open source community dedicated to improving software security. OWASP publishes a Top 10 list of common security issues in web applications with suggestions on how to alleviate them. This session will examine the OWASP Top Ten list of security suggestions and relate them to the Domino world and how you can better secure your Notes and Domino applications. Both administrators and developers will gain valuable insights into how to best protect sensitive information we maintain in our Domino environments!
MWLUG Session- AD112 - Take a Trip Into the Forest - A Java Primer on Maps, ...Howard Greenberg
Wondering how to take advantage of Java and Managed Beans in XPages? To do this requires knowing how to store data in Java objects and a good understanding of Maps, Trees, Lists, and Sets. No, we are not talking about Google Maps or those big green things in forests but different Java interfaces! Come learn different programming models to use when storing application configuration information, speeding up lookups to Domino data and feeding data to repeat and table controls. Learn how to build reports from different data sources. Plus, we will also look at working with dates and numbers in Java and Domino. Finally, we will review the Domino Java APIs and an alternative, the OpenNTF Domino API.
Connect 2016-Move Your XPages Applications to the Fast LaneHoward Greenberg
Are your XPages applications performing like a Florida senior citizen driving in the left lane at 55 mph? A key to speeding up your XPages applications is knowledge of the JSF lifecycle, partial refresh and partial execution. This session will cover these concepts and then apply them to optimizing an XPages application. Learn how to use tools to measure the performance of your XPages and determine where the bottlenecks are. Several sample applications will be analyzed along with alternative programming choices to improve their performance. Learn how to dramatically increase your XPages performance and make your users happy - you might even get a speeding ticket after this session!
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?XfilesPro
Worried about document security while sharing them in Salesforce? Fret no more! Here are the top-notch security standards XfilesPro upholds to ensure strong security for your Salesforce documents while sharing with internal or external people.
To learn more, read the blog: https://www.xfilespro.com/how-does-xfilespro-make-document-sharing-secure-and-seamless-in-salesforce/
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
2. AGENDA
• Welcome – Howard Greenberg and Graham Acres
• Domino V12 Certification Manager – Daniel Nashed
• Q and A
3. THANKS TO THE OPENNTF SPONSORS
• HCL made a significant contribution to help our
organization
• Funds these webinars!
• Contests like Hackathons
• Running the organization
• Prominic donates all IT related services
• Cloud Hosting for OpenNTF
• Infrastructure management for HCL Domino and Atlassian
Servers
• System Administration for day-to-day operation
4. THIS IS OUR COMMUNITY
• Join us and get involved!
• We are all volunteers
• No effort is too small
• If your idea is bigger than you can do on your own, we
can connect you to a team to work on it
• Test or help or modify an existing project
• Write guides or documentation
• Add reviews on projects / stars on Snippets
5. JULY WEBINAR
• HCL Presents Keep, a new API for Domino
• Stephan Wissel and Paul Withers, HCL
• Thursday, July 15, 2021 at 11:00 AM (New York
time
• https://attendee.gotowebinar.com/register/
1378320704479499279
6. ASKING QUESTIONS
• First Question – Will this be recorded?
• Yes, view on YouTube!!!
• https://www.youtube.com/user/OpenNTF
• Use the Questions Pane in GoToWebinar
• We will get to your questions at the end of
the webinar
• The speakers will respond to your questions
verbally
• (not in the Questions pane)
• Please keep all questions related to the
topics that our speakers are discussing!!!
• Unrelated Question => post at:
• http://openntf.slack.com/
8. 2 |
Agenda
• Theory
− Introduction / Motivation
− certstore.nsf & CertMgr
− Manual Flows
− Let's encrypt / ACME Support
− New TLS Credential Cache
• Live Demo & Questions
• Troubleshooting Slides
• Q&A
• Bonus: Build your own Lab
9. 3 |
Domino V12 Design Goal
• Simplify Domino certificate management
• No external tools like OpenSSL command-line to create keys and convert certificates needed!
• Replace difficult to handle *.kyr files with standard *.pem format
• Full Let's Encrypt® / ACME CA integration
• Simplified flows for external certificate authorities
• Domain wide secure and automated deployment for “TLS Credentials”
• Automated update of certificates including automatic cache update in internet server tasks
• Support modern standards like ECDSA in addition to RSA
10. 4 |
Technology used for CertMgr
• Native Servertask & DSAPI Filter (C/C++)
• Leverages existing and new Notes security APIs
• Implements Let's Encrypt uses ACME protocol V2 (RFC 8555)
− ACME = Automatic Certificate Management Environment
− Own HCL implementation leveraging standards like
▫ JSON, LibCurl, JWS, Notes crypto including PEM, RSA and ECDSA keys, (OpenSSL) …
• Designed for “automation”
12. 6 |
New - certstore.nsf
• Domain wide database managed by CertMgr task
• Secure, automated deployment for TLS Credentials and trusted roots
• Private keys are encrypted with CertMgr server
and the server specified in the field “Servers with access:”
− Special designed Vault style encryption with new API
• Easy to use with modern interface
• CertMgr servertask is only supported on W64 and Linux64
− AIX and OS400 can still leverage certstore.nsf and the new TLS Cache
▫ Create replica manually
13. 7 |
Create certstore.nsf on CertMgr Server
• First server in domain starting the “certmgr” servertask is setup as the CertMgr Server
− Checks the Domino directory profile on admin server for an existing CertMgr server
− If no server exists automatically creates the domain wider certstore.nsf database
− Updates the directory profile on admin server to propagate the CertMgr server in the domain
• Starting the certmgr servertask on any additional server in the domain creates a replica
− Each additional server acts like a “CertMgr client” and will just replicate the database every 2 minutes
− Keeping the CertMgr servertask loaded is an optional convenience step
− Any type of replication setup which ensures a short replication cycle can be used as well
14. 8 |
certstore.nsf – TLS Credentials
• TLS Credential = private key + leaf certificate +
chain (intermediates) + trusted root
• Replaces “*.kyr files”
− Stored in PEM format (text with base64 encoded data)
• Can be created via
− Manual flows including import
− ACME protocol (Let's Encrypt & others)
• Specify trusted roots used for client certificate verification
• Used to be hidden in kyr-file and was difficult to manage
15. 9 |
certstore.nsf – Trusted Root
• Stored in trusted, secured certstore.nsf
− Replicated domain wide
• Used for client cert verification
• And auto complete certificate chains
− ACME and manual flows
• Certificate chains are automatically sorted & completed
− Private Key → matching leaf certificate
→ intermediate certs in the right order → trusted root
• Tip: you can import intermediate certificates as
“Trusted Root” to be used to auto complete chains
− Just listed with warning, that they are no root
16. 10 |
New - Support for Elliptic Curves – “ECDSA Keys”
• ECDSA is the more modern, more secure standard with less overhead
− 256 bit (NIST P-256) ECDSA key → 3072 bit RSA key or a 128 bit AES key.
− 384 bit (NIST P-384) ECDSA key → 7680 bit RSA key or a 192 bit AES key.
− 512+ bit ECDSA key (NIST P-521) → 15360 bit RSA key or a 256 bit AES key.
• Fully supported in the Domino V12 TLS/SSL stack
− Support for RSA and ECDSA key types in parallel
• With ECDSA the following ciphers are automatically used instead of the cipher config
− TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xC02B)
− TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C)
• Background Information ECDSA
− https://blog.cloudflare.com/ecdsa-the-digital-signature-algorithm-of-a-better-internet/
17. 11 |
Support for two important TLS 1.2 Curves – X25519 & X448
• Strong security with improved performance
− Details: https://en.wikipedia.org/wiki/Curve25519
• The new order of curves
− Curve X25519
− Curve NIST P-256
− Curve X448
− Curve NIST P-384
− Curve NIST P-521
• Notes.ini parameter per curve
− All curves enabled by default
− Current best practice
• If really needed disable individual curves
− SSL_DISABLE_CURVE_X25519=1
− SSL_DISABLE_CURVE_P256=1
− SSL_DISABLE_CURVE_X448=1
− SSL_DISABLE_CURVE_P384=1
− SSL_DISABLE_CURVE_521=1
18. 12 |
Manual Certificate Operations
• 1. CertMgr processes submitted requests and creates
− Private key ( RSA or ECDSA)
▫ Saved locally encrypted for assigned servers
• CSR (Certificate Signing Request) signed by private key→ PEM
• 2. Admin copies CSR to CA
• 3. Admin imports certificate & chain ( PEM ) back
• Paste full chain in any order and submits the form again
• Duplicate certs are ignored
• Missing intermediate certs and root are automatically
added from “Trusted Roots” in certstore.nsf
19. 13 |
Certificate Health Check & Inspecting Certificate Chains
• All certificate operations check if the certificate is valid
− Status: Valid, Warnings, Errors
− Detailed warning and error messages
• Most common warning:
“Last cert in chain NOT self signed – No root found”
− Not an error - Just means that there is no trusted root
− Trusted roots can be imported separately and are added
to the chain if present
• Updates CertMgr statistics to reflect the current health status
20. 14 |
Certificate Details
• Examine Certificate(s) Dialog
• Copy Certificate chain to check with external tools
− e.g. openssl x509 -in my.pem -text –noout
− Certificate information
24. 18 |
ACME HTTP-01 Challenges
• How it works
1. ACME server sends a challenge to ACME client
2. ACME server will ask via in-bound HTTP port 80 for the “secret” at a well-known URL
• DSAPI Filter “certmgrdsapi” needs to be enabled in server doc / internet site !!
− Tip: load certmgr -c adds the DSAPI filter to server doc – Internet sites need to specify manually
• If server is configured to only allow authenticated connection configure public URL
− Notes.ini: HTTPPUBLICURLS=/.well-known/acme-challenge/*:/redir.nsf/*:/MFASetup*
• Again: Inbound HTTP port 80 required!
• If the server is not reachable by the ACME server (e.g. Let's Encrypt), the challenge fails !!!
− Tip: Inbound connection can be a proxy connection
25. 19 |
ACME Provider Let‘s Encrypt – included in template
• Let's Encrypt Staging
− https://letsencrypt.org/docs/staging-environment
− Should always be used for first steps testing connectivity
− Provides the same functionality like Let's Encrypt production
− Much higher limits for certificates and errors
• Let's Encrypt production
− https://letsencrypt.org
26. 20 |
Additional tested ACME Providers
• ACME is a standard supported by more providers
• New ACME provider can be added using their published directory URL
• ZeroSSL *)
− https://zerossl.com
− Requires registration + external account binding (EAB)
• BuyPass *)
− https://buypass.com
27. 21 |
On premise ACME CA
• SmallStep ACME CA
− https://smallstep.com/docs/tutorials/acme-challenge
• CA with ACME functionality
• Can also operate as “Sub-CA” for an existing corporate CA
• Good choice for internal customer deployments
• Another tested environment
• Directory URL configured depends on your deployment
• Setup on Docker in 10 minutes!
28. 22 |
ACME DNS-01 Challenges
Background, Providers and Configuration
29. 23 |
ACME DNS-01 Challenges & Wild Card Certificates
• Allows to request certificates without inbound internet connection
• ACME Challenge is stored in DNS TXT record
• Supports wild card certificates! e. g. *.acme.com
• Requires DNS provider API with outgoing HTTPS connection to DNS provider
− No inbound connection needed
− Can leverage outgoing proxy connections
• CertMgr server can request certificates for any server in the DNS domain
30. 24 |
DNS Provider Interface
• Triggered by configured “registered domain”
− Choose the right provider
− Specify provider specific information
• Build-in support to integrate DNS providers
− Easy to integrate REST interface (@Formulas)
▫ Recommended interface!
▫ Works for most providers
▫ “Low code approach”
• Notes Agent
• Command-Line Integration
31. 25 |
Available DNS TXT Integration
• REST API
− Cloudflare, Inc
− Digital Ocean, LLC
− Hetzner Online GmbH (Germany)
− ACME DNS
− Let's Encrypt Pebble test server
• Command-Line
− AWS Route 53 DNS
32. 26 |
DNS Provider Interface – Import DXL
• DNS TXT API DXL files are not included in certstore.ntf
• Provider interfaces can be imported via DXL files
− Database action: Import DXL
• REST interface is based on @formulas
− Low code approach
− Can parse JSON responses
− Helper buttons for inserting fields & testing formulas
− Trace results useful for troubleshooting and development
33. 27 |
HCL Github repository for CertMgr
• Available as of today
• Brand new git repository for DNS TXT provider integration
• Contains ready to import and use DXL files and scripts
• Intendent to build, share and collaborate DNS provider configurations
35. 29 |
Low code approach with REST API and JSON
• Many DNS providers offer a REST base interface to manage DNS records
• Modern interfaces with JSON payloads
• CertMgr preferred integration option: HTTP request with @Formulas
• Technology used
− @Formulas
− HTTP/HTTPs requests (via Curl build into the servertask)
− JSON parsing results (native in the servertask) and make results available to @forumulas
• @Formulas for different steps of the operation including lookups
− Most flows should need to be that complicated flows
• Add/Delete operation for DNS TXT flows
36. 30 |
DNS Provider Configuration
• Designed to be shared
• Code & documentation in one document
• DXL Export/Import to share
• Meta information for references, version author
37. 31 |
Example: Digital Ocean
• Add and delete operation share the
same data in one result document
• Define HTTP request types, URL,
Header and Post data via @formula
• Use fields from configuration and
also parameters passed by CertMgr
• Results from JSON output can be
used in standard fields
• Status formula to check if request
was successful
▫ Uses HTTP status code syntax:
▫ 2xx = OK
38. 32 |
Build-in Developer Support
• Insert configuration fields and parameters into formulas
• Test formulas with sample data
− Results can be copied and modified
• Should make it a lot easier to implement your own formulas
• Request Trace helps during implementation
39. 33 |
Build-in Request Tracing
• Enabled either for all operations or just on error
• Shows all details about requests and results
• Documents are stored in certstore.nsf / DNS Trace Logs
• JSON fields and other results can be copied back into
formulas
40. 34 |
TLS Credentials Cache
New cache for RSA and ECDSA TLS Credentials
Mapping keyfiles for Internet Sites
41. 35 |
New TLS Cache
• *.kyr files have been managed by the KYR-Cache reading *.kyr files from disk
• New TLS Cache reads TLS Credentials directly from certstore.nsf
• TLS Cache sits in the SSL layer below internet protocols processes ( e.g. HTTP/SMTP)
• Support for RSA and ECDSA keys in parallel
• Support for wildcard certificate lookups
• Automatic on the fly certificate reload
− when added or updated
• Also manages trusted roots & OCSP cache
42. 36 |
Keyfile name field is still very important!
• The keyfile name in server document and internet site is
still triggering SSL
• Defines the default TLS Credential for the server
• Also used when server acts like a client ( e.g. outgoing secure SMTP )
• Best practice:
− Specify Domino server's host name you have a certificate for
− Or specify keyfile.kyr in server document / internet site document
− Have “keyfile.kyr” in the default TLS Credentials document tagging an RSA
key as the default
− Not only for HTTP -- Important for SMTP, LDAP, POP3, IMAP
43. 37 |
Demo Time
First Steps
Manual Flows
ACME Flows
Integrating with DNS TXT Providers
45. 39 |
TLS Credentials cannot be exported
• The private key of a TLS Credentials document is encrypted for security reasons
− Only CertMgr and “Servers with access:” can decrypt the key
• There is currently no option to export the private key
− A secure export is discussed for a future iteration
• Work-around
− For other Domains
▫ Copy server document into directory (or a DA directory) and encrypt for the server
▫ Add the server to “Servers with access:”
• Create the key outside and import the key to be used for manual or ACME flows
− As long as the key stays the same, the certificate can be merged with an existing key
46. 40 |
Private keys cannot be imported via UI
• Most import operations would involve copy & paste or similar to transfer a private key
− By design today the only options to import private keys are available via server console
• Work around : Current import / migration options
− load certmgr -importkyr keyring.kyr
▫ Import one KeyRing file (*.kyr) to CertStore
− load certmgr -importkyr all
▫ Import all KeyRing files referenced from server doc & internet sites to CertStore
− load certmgr -importpem <file>
− Import file containing PEM encoded certificate chain and keys to CertStore
48. 42 |
Global Settings
• Mainly used to set defaults for important settings
− For example: key type, key size, default ACME account and renewal interval
• Admin Server for CertMgr
− Should not be changed in global configuration document!
− Admin server is also stored in Directory profile “CertMgrServer” to publish in the domain
• Changing the admin server involves re-encryption of keys
• Migration via command-line option only!
− Load certmgr -MIGRATETOSERVER server-name
− Re-encrypts all private keys after checking all keys can be read
49. 43 |
CertMgr Commands
• Tell certmgr process
− Skips the wait time between requests
• Tip to reduce the interval for testing
→ notes.ini CERTMGR_INTERVAL=2 (default: 30 seconds)
• Tell certmgr shutdown
− Waits until a running request is terminated and stops cleanly
− Recommended shutdown option
− Usually not a problem because of the small volume of operations during a day
50. 44 |
Additional Notes.ini Parameter
• CertMgr_ReplicationInterval=n
− Default: 120 sec
− Used for client mode
• CertMgr_HealthCheckInterval=n
− Default 30 minutes
• CertMgr_CompactFreeSpace=n
− Default: 50%, Compacts database when specified percentage is free
• CertMgr_CompactDays=n
− Default: 30, Compacts database when not compacted since number of days
• CertMgr_ACCEPT_TOU=1
− Same as command-line option to confirm ACME provider terms of use – useful for automation
51. 45 |
Common Issues & Tracing
• ACME license terms not accepted
• DSAPI Filter not configured
− Check server document / internet site
• Port 80 cannot be reached – DNS or Firewall issue
• Most errors are already visible in TLS Credentials document
− More detailed information can be found in debug logs if enabled
• DNS-TXT provider cannot be reached or configuration problem
− DNS provider trace should be set to error logging by default in provider config
52. 46 |
Debugging and Troubleshooting Command Line
• -v = Verbose logging (log.nsf)
• -d = Debug mode
− IBM_TECHNICAL_SUPPORT/certmgr_debug_[..].log
• -l = Log all Curl I/O to file
− IBM_TECHNICAL_SUPPORT/certmgr_curl__[..].log
• -z = Connectivity test: Just get the ACME directory URLs and terminate
− Useful for testing internet connectivity
• Example: load certmgr -d -l
53. 47 |
TLS Cache Logging and Debugging
• CERTSTORE_CACHELOG=1
− Recommended Starting point for all troubleshooting
− Logs most important events only
• CERTSTORE_CACHELOG=2
− Very detailed logging → Debug mode
• DEBUG_SSL_TLSCACHE=1 *)
− Debug SSL side of TLS Cache
• DEBUG_SSL_KYRCACHE=2 *)
• Debug SSL for old KYR Cache *) Task restart needed
54. 48 |
DSAPI Debug Notes.ini Parameter
• DSAPI has no separate log file option
• Logging and debugging can be used to trace inbound challenge requests
• Notes.ini
− CERTMGR_DSAPIDEBUG=1
− CERTMGR_DSAPIVERBOSE=1
• Requires HTTP task restart ( restart task http )
55. 49 |
Hidden AllDocuments View
• Open via CTRL+Shift → View → Goto
• This view contains all documents by form
• CertMgr Server is listed for all documents encrypted
• Secondary sort column by NoteID and NoteUNID
− Find documents listed in low level error messages
57. 51 |
Building a Lab Environment
Domino on Docker with Let’s Encrypt Pebble
58. 52 |
Build your own Lab Environment
• Challenging in internal lab environments
− HTTP-01 → Inbound Internet connections are difficult in internal test environments
− DNS-01 → Requires registered DNS domain and DNS TXT API integration
• Solution
− Docker based lab environment
− Very easy to setup via docker-compose
− Supports HTTP-01 & DNS-01 challenges
− Logging allows to trace and understand
− We are using it also for automation testing
59. 53 |
Docker Desktop Lab Environment on Windows
• Very simple to setup and use environment
− Runs unmodified with default settings
− Components are reachable via 127.0.0.1
− Just switch to the right directory and run “docker-compose up”
60. 54 |
Docker Server Lab Environment on Linux
• Docker is installed on a Linux host running in
VM (Hyper-V or Virtualbox)
• More complex
− No 127.0.0.1 addresses can be used
− Needs configuration changes to map the right IP addresses inside VM / Docker
− Networking on virtual machines can be complex and tricky
− Virtualbox has some network limitations! → https://www.virtualbox.org/manual/ch06.html
• Starting fresh consider Docker Desktop
− But if you have an existing environment
− you are already experienced with VMs
61. 55 |
Import Lab Configuration
• The lab configuration is prepared in a DXL file
• You can just import it into the database
− ACME Account
− DNS Provider Configuration
• The default will work for the Docker Desktop environment
• You need to change IP addresses matching the Docker IP address/hostname
62. 56 |
Update IP Address in certstore.nsf
• The configuration is prepared for Docker Desktop
− In case of a Linux Docker scenario you have to update the
− IP address to reflect the correct address inside the VM
63. 57 |
DNS Provider Account Customization
• The DNS provider account is the trigger for DNS-01 challenges
• The lab environment allows to work with any domain
• The registered domain is used as a trigger
− You can change the domain, because the challenge server
allows accepts all DNS TXT records for this Pebble Lab server
• You can create multiple documents pointing to the same
DNS provider configuration
64. 58 |
Pebble Tips
• Import trusted root from Pebble server
− e.g curl -k https://127.0.0.1:15000/roots/0
• Pebble is designed for test and does not to store data permanently
− Docker container has no volume
− Root certificate and ACME account needs reset every time Pebble is restarted
• After restart you need to reset account
− Remove “ACME KID:”
− You will see error messages reminding you ;-)
66. QUESTIONS?
Use the GoToWebinar Questions Pane
Please keep all questions related to the
topics that our speakers are discussing!!!
Unrelated Question => post at:
http://openntf.slack.com/