fighting for truth, justice, and a kick-butt lotus notes experience.

HCL SafeLinx Administrator - Display Issues

 6 September 2021 15:16:41
If you are using the HCL SafeLinx Administrator client on Windows, you may be will  see some display issues.

Here is an example:


Image:HCL SafeLinx Administrator - Display Issues

Selection lists are not displayed correctly and option selection is not possible.


The reason for this is easy to find and to solve:

SafeLInx Administrator running on Windows requires a Java Open JDK version 8!  


Like mentioned in the documentation:
https://help.hcltechsw.com/safelinx/1.2/adminguide/installing_the_gatekeeper.html


If a newer version like Java OpenJDK v16 is installed, you are hit by the issue.


So install JDK v8 and it will be fixed.


Image:HCL SafeLinx Administrator - Display Issues

Download URL of the JDK v8:

https://adoptopenjdk.net/releases.html?variant=openjdk8&jvmVariant=hotspot


HCL SafeLinx 1.2.0 IF1 released

 10 August 2021 10:22:22

HCL released a fix for HCL Safelinx this week.

The build number is SafeLinx 1.2.0.1 (IF1)

Beside fixes there are a few new features included, like:

- MySQL on Windows support.
- Enable Windows SAML HTTP authentication
- Add redirect function to Nomad for / and /nomad paths to send to /nomad/index.html.


Included fixes:


SAFE-799:
MySQL on Windows support.


SAFE-820:
Add charset=utf-8 for json responses to fix character issues.


SAFE-821:
Nomad, parsing of CORS Origin header token may fail causing transaction failures.


SAFE-822:
Hidden option to disable CORS origin validation.


SAFE-823:
Nomad specific login screen translations missing in Linux pkg.


SAFE-841:
Crash in client-less processing code when Locale or Accept-Lang is not set.


SAFE-844:
SafeLinx Server Shutdown after Administrator window close and the Server Process start/stop not working from Administrator.


SAFE-851:
Buffer overrun in javascript rewrite function for client-less access with URL rewriting enabled.


SAFE-857:
Issue with converting the users home mailserver to canonical format when it contains multiple instances of the same attribute.


SAFE-865:
Default to a domino server in the app server list if no home mail server is defined for a Nomad user.


SAFE-867:
Remove expired ltpatokens from Cookie when multiple exist and SL can decode them. Block 3rd party token generation and set when SafeLinx is using token as SID.


SAFE-873:
When creating userConfig.json, if the user CN value has an attr with 2 or less characters, conversion to canonical format will fail leaving an invalid userCN in the json.


SAFE-886:
Ltpa config that users OtherID with X.500 notation transform fails when verifying username in unknown user scenario.


SAFE-887:
Performance issue when LtpaToken configured to use Other ID from directory record. Non indexed searches can lead to delays in transaction processing.


SAFE-885:
Add Server-Worker-Allowed to Nomad static file downloads.


SAFE-913:
Add redirect function to Nomad for / and /nomad paths to send to /nomad/index.html.


SAFE-918:
Server fails to start after reboot. Old autorestart scripts causing exit when used with systemd.


SAFE-935:
Default HTTP certificate file missing from Windows install.


SAFE-936:
Server startup fails if HTTP certificate file is missing.


SAFE-937:
Remove MFA-id check from nomad standard_login.html form.


SAFE-939:
Enable Windows SAML HTTP authentication


Details can be found here:

https://support.hcltechsw.com/csm?id=kb_article_view&sys_kb_id=f047e5dd876170105440c9d8cebb3573

HCL Traveler 12.0.0 Fixpack 1 released

 10 August 2021 09:48:49
HCL Traveler 12.0.0 Fix Pack 1 with Build Level 12.0.0.1 Build 202107200153 includes four fixes for the Traveler server.

New Features:

As far as I know Fixpack 1 does not include any new features.
A list of new Traveler v12.0 features of the major release can be found here:

https://help.hcltechsw.com/traveler/12.0.0/whats_new_1200.html

Included Fixes:


KB0092150

attachment file name changed when using SmartForward/SmartReply of the HCL Verse for Android / iOS

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0092150

KB0091495

HCL Traveler server 12.0.0 repeated crashes upon receipt of a SmartForward/SmartReply request of the HCL Verse for Android / iOS app.

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0091495

KB0092130

Error connecting to FCM (Google Firebase Cloud Messaging) servers via proxy        

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0092130

KB0092147
       
long delay of syncing emails to mobile devices if mail file path contains uppercase non-ASCII characters
If a user's mail file path contains an uppercase non-ASCII character, like Č or Š (for example, mailŠ/tom3.nsf), changes to the mail file are synced to the user's mobile devices only once per day
.
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0092147


Hints:

Note for customers that manage their database schema: Traveler 12.0.0 Fix Pack1 does not include a database schema update.

However prior releases did include database schema updates (for example: Traveler 11.0.0 did include a schema update).  Depending upon what level of Traveler server you are upgrading from, there may be a database schema update required.

Traveler 12.0.0 Fix Pack 1 can be used to install a new Traveler environment or update an existing Traveler environment running Domino 9.0.1.x, Domino 10.0.x, Domino 11.0.x or Domino 12.0.0.x without requiring a Domino upgrade. It is always recommended to keep Domino at the latest level.  If updating Domino to 12.0, a minimum of Traveler 12.0 is required.

More Details:
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0092047


Issue: Traveler not starting after installation of Domino 11.0.1 FP3

 12 April 2021 13:57:07
If you are running Traveler on Linux and you plan to updrade to Domino 11.0.1 FP3, you should read this HCL Support document:

Traveler task does not start after installing Domino 11.0.1FP3 on Linux systems


Applies to


HCL Traveler 11.0.1


Observed Behavior


If you have a Linux-based Traveler server running Domino 11.0.1, and you upgrade Domino to 11.0.1FP3, the Traveler task will not start.  Manually loading the Traveler task fails with an error message:


> load traveler

/opt/hcl/domino/notes/latest/linux/traveler: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory

 
Expected Behavior


Upgrading to the Domino fixpack level should not affect Traveler.


Workarounds


The Traveler binaries for Linux were built in a way that requires the libssl.so.1.1 and libcrypto.so.1.1 files to exist in the Domino install directory.  
To address a conflict between the Domino libs for ssl and crypto and standard Linux system libs of the same name (e.g., in the /lib64 directory), Domino 11.0.1FP3 renamed the files to libssl-domino.so.1.1 and libcrypto-domino.so.1.1.  
Therefore, to resolve the Traveler requirement, while logged in as the root user, create symlinks in the Domino install directory with the names required by Traveler that link to the newly renamed files:


[root@travdevcen02 notesdata]# cd /opt/hcl/domino/notes/latest/linux/

[root@travdevcen02 linux]# ls -la libssl* libcrypto*

-rwxr-xr-x. 1 root root 3366648 Mar 9 00:09 libcrypto-domino.so.1.1

-rwxr-xr-x. 1 root root 687856 Mar 9 00:09 libssl-domino.so.1.1

-rwxr-xr-x. 1 root root 937304 Mar 21 2020 libsslplus.so


[root@travdevcen02 linux]#
ln -s libssl-domino.so.1.1 libssl.so.1.1
[root@travdevcen02 linux]#
ln -s libcrypto-domino.so.1.1 libcrypto.so.1.1

[root@travdevcen02 linux]# ls -la libssl* libcrypto*

-rwxr-xr-x. 1 root root 3366648 Mar 9 00:09 libcrypto-domino.so.1.1

lrwxrwxrwx. 1 root root 23 Mar 10 09:45 libcrypto.so.1.1 -> libcrypto-domino.so.1.1

-rwxr-xr-x. 1 root root 687856 Mar 9 00:09 libssl-domino.so.1.1

-rwxr-xr-x. 1 root root 937304 Mar 21 2020 libsslplus.so

lrwxrwxrwx. 1 root root 20 Mar 10 09:45 libssl.so.1.1 -> libssl-domino.so.1.1

[root@travdevcen02 linux]#


Then, load traveler will work.


Defect Status


Designated


Designated/Resolved version


12.0


Problem Resolution


We will change the way the Traveler binaries for Linux are built, so the named libs are not required to exist in the Domino install directory.


https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0088665



LE4D - Let’s Encrypt 4 Domino - Network Error - Changed LE Roots

 4 Februar 2021 08:55:42
Let's Encrypt changed its own server SSL certificates used to communicate with their API endpoints in December 2020.

Production - API Endpoint:
https://acme-v02.api.letsencrypt.org/directory
Staging - API Endpoint:
https://acme-staging-v02.api.letsencrypt.org/directory

This may result in Let's Encrypt 4 Domino (LE4D) no longer being able to communicate with the API during agent execution for certificate updates.

The reason for it is, that the Let's Encrypt root / intermediate certificate are no longer trusted.

In the log you will get the following error message:


2021-02-03 20:41:45 INFO LE4D - midpoints LE4D (c) 2017 - 2021, V 2.2.0_20190930
2021-02-03 20:41:45 INFO LE4D - Logging events and errors to: '/var/local/notesdata/MIDPOINTS_TECHNICAL_SUPPORT/le4d/le4d.log'
2021-02-03 20:41:45 INFO LE4D - Processing configuration document: '86E7EF37D3D856600628627'.
2021-02-03 20:41:45 INFO LE4D - Using Html directory: domino/html
2021-02-03 20:41:45 INFO LE4D - Running in staging mode
2021-02-03 20:41:45 INFO LE4D - Requesting certificates.
2021-02-03 20:41:45 INFO LE4D - Writing file: '/var/local/notesdata/le/86E7EF37D3125856600628627/user.key'
2021-02-03 20:41:45 INFO LE4D - Session URL: acme://letsencrypt.org/staging
2021-02-03 20:41:45 ERROR LE4D - org.shredzone.acme4j.exception.AcmeNetworkException: Network error
2021-02-03 20:41:45 INFO LE4D - Writing file: '/var/local/notesdata/le/86E7EF37D25856600628627/domain.key'
2021-02-03 20:41:45 ERROR LE4D - java.lang.NullPointerException
2021-02-03 20:41:45 INFO LE4D - OUPS!! Something went wrong!
2021-02-03 20:41:45 INFO LE4D - midpoints LE4D finished!


The trusted root/intermediate certificates relevant for agent execution are located in the JVM folder of the Domino server in the cacerts file.

It must be checked once whether the newly used root/intermediate certificates are present here and updated if necessary.

Maybe one of the Root CAs are missing in your cacerts file:


Roots:
ISRG Root X1    
https://letsencrypt.org/certs/isrgrootx1.pem

DST Root CA X3    
https://letsencrypt.org/certs/trustid-x3-root.pem.txt

Intermediate:
 
Let’s Encrypt R3
https://letsencrypt.org/certs/lets-encrypt-r3.pem

Details and CA PEM Downloads:
 
https://letsencrypt.org/certificates/

Hints:
- You will have to restart your Domino server to initialize the JVM with the new cacerts. A 'tell HTTP restart' will not be enough.  
- HCL removed the ikeyman tool with Domino 11. So you can use the default Java keytool, which is part of the JVM install. It is a commandline tool. Details can be found here:

http://www.netzgoetter.net/internet/blogs/netzgoetter.nsf/dx/byebye-ibm-ikeyman-welcome-java-keytool.htm

HCL Traveler v11.0.2 released including MySQL support for Traveler HA Pools

 18 November 2020 13:46:44
Traveler 11.0.2 with Build Level 11.0.2.0 Build 202010261910_30 includes fixes for the Traveler server and two new features.

The big news: Traveler 11.0.2 will support MySQL for building Traveler HA Pools (Cluster) as one more option besides IBM DB2 or Microsoft SQL Server.

New Features:


Support for MySQL
Traveler 11.0.2 supports MySQL database for Traveler High Availability mode. MySQL versions 8.0.20 and higher of MySQL Community, Standard, and Enterprise editions are supported.  Traveler servers configured to use MySQL must be running Domino 11.0.0 or higher.

Support of Room Reservations with EAS 16.x Apple Calendar

Traveler 11.0.2 supports updating Room reservations for meetings modified from the Apple calendar.
The Apple device must be using the Microsoft Exchange ActiveSync 16.0 or later protocol (EAS 16.x).
Rescheduling or cancelling a meeting from the device will now reschedule or cancel a related room reservation in the Domino Rooms and Resources Database.
See 'Apple Limitations and restrictions' for support limitations

Updated APNS Certificates
Traveler 11.0.2 includes updated APNS Certificates that replace the certificates shipped with Traveler 11.0.1.  These new certificates expire November 7, 2021.


Database Schema
Traveler 11.0.2 does not include a database schema update, but a new Database Index:

This index was added to prevent duplicate entries in the ts_field_name table.
On the first Traveler startup on 11.0.2 a table repair action will be run to fix and remove duplicate entries if they exist and then add the index. 
However, if you manage your schema manually, you will need to do the following process to add the index:

        1        Run the VerifyIndexes.sql script
        2        If the index IDX_TS_FIELD_NAME_FN fails to be applied because of UNIQUE constraint errors, start traveler to have the table repair action run.
        3        Stop Domino and run the VerifyIndexes.sql again

Included Fixes


KB0082616
Server may exhaust Java memory in environments starved of memory

KB0084142
Apple native Mail app unable to send mails if the user does not have an internet address

KB0084445
HCL Traveler server might end abnormally with Out Of Memory conditions ghosting unprocessed many multi-instance meeting notices for a repeating meeting

KB0084375        
Attachments missing when syncing MIME email that is not multipart

KB0084048        
Error at writing MIME stream, Output Buffer Overflow when NTS_MIME_STREAM_FROM_DEVICE=true

https://support.hcltechsw.com/csm?id=kb_article_view&sys_kb_id=2459a5261b3b9c98beab64e6ec4bcba6


HCL SafeLinx 1.1 released added Support for HCL Nomad and Domino Entitlement

 4 September 2020 15:48:33
WOW! Yesterday HCL finally released the new version 1.1 of HCL Safelinx, which I have been waiting for for a long time.

Image:HCL SafeLinx 1.1 released added Support for HCL Nomad and Domino Entitlement

Among other new features, the new version offers support for HCL Nomad with and the nice gift that the client-less reverse proxy component of SafeLinx can be used FREE of charge as part of the Domino Entitlement for CCB customers.


For all Notes Domino Complete Collaboration Customers, SafeLinx v1.1 is now available as a free entitlement and will be listed under supporting programs. (SafeLinx is available as a standalone to non-Notes-Domino Complete Collaboration customers.) CCB customers can use SafeLinx’s server component without the need for an additional VPN client to securely access their Domino apps from mobile.


SafeLinx acts as a secure reverse proxy that works seamlessly out-of-the-box with Traveler, iNotes, Verse, Sametime, Connections, and now Nomad, too.

SafeLinx is used for central authentication, load balancing and failover.It is usually operated in the DMZ and tunnels HTTP traffic to the internal Traveler or Domino systems.


The special new feature of the Nomad integration is, that the Nomad app only establishes HTTPS connections with SafeLinx and the SafeLinx Traffic Handler performs the protocol conversion to the NRPC protocol on TCP port 1352.
So SafeLinx works as a secure preconfigured  Websocket Proxy for NRPC.
And yes, it will work perfectly together with idVault.
This finally enables the secure use of Nomad without the need for an existing VPN infrastructure and without having to use Domino Passthrough access.
SafeLinx will be an important part for the upcoming Nomad Web solution.


I will post more details about SafeLinx here in the near future and will also hold a 1 hour session next week at the #dnug47online Administration II event.


https://dnug.de/dnug47online-administration-ii-hcl-safelinx-first-steps/


SafeLinx is not new by the way. In IBM's day there was IBM Mobile Connect (IMC), which we introduced and supported for many of our customers to access clustered iNotes or Traveler environments. I set up my first IMC environment in 2009 at a large customer, who still runs it successfully today. IBM unfortunately discontinued IMC four years ago and took it out of active sales.
HCL has now brought IMC back to life and expanded it, which makes me very happy, because IMC was a really great solution. Many of our customers love it and continue to run IMC despite IBM's discontinuation and are now looking forward to connecting SafeLinx to Nomad as well as Traveler.  

And a special thank to the SafeLinx Team at HCL - You guys are rock stars!


Details about the SafeLinx release can be found here:

 

https://blog.hcltechsw.com/domino/new-release-hcl-safelinx-1-1-secure-vpn-services-for-cloud-or-on-premise/

    HCL Traveler 11.0.1 FP1 aka 11.0.1.1 released with fix for calendar notice routing when Traveler is in additional Domain

     2 Juni 2020 17:59:29
    Traveler 11.0.1 Fix Pack 1 with Build Level 11.0.1.1 Build 202005211639_30 includes fixes for the Traveler server and two new features.

    New Features:

    Support for Microsoft SQL Server 2019

    Traveler 11.0.1 Fix Pack 1 has been validated with Microsoft SQL Server 2019 as the Traveler server database when running in high availability mode.  

    Changes in calendar notice routing

    A side effect of the server support for Exchange ActiveSync (EAS) 16.1 introduced with Traveler 11.0.0 is that meeting notices from the Apple calendar application on these devices are sent using the Traveler server's mail.box. Routing failures can occur if the Traveler server is not configured to route mail to and from the mail servers. Meeting notices from the HCL Verse client on Apple devices are not impacted as these notices are still routed via the mail server mail.box. In configurations where customer wants to avoid routing these notices though the Traveler server then in this fixpack there is a new notes.ini setting NTS_AS_SEND_NOTICES_FROM_MAIL_SERVER that can be used to route the notices via the user's mail server mail.box. Note that this setting does not apply to notices sent from HCL Verse mobile clients.

    Included Fixes:

    TRAV-4582        Traveler warning Unexpected tag in Options: Class

     
    Details:

    Exchange ActiveSync 14.0 moved the Class XML element for GetItemEstimate commands from being a child of Collection to a child of Options which is a child of Collection. Traveler was not looking for Class as a child of Options and was logging a warning indicating an unknown child of Options was detected on the GetItemEstimate request. Traveler now expects Class to be a child of Options and no longer logs an incorrect warning. Traveler does not use the Class value, so there is no functional change - only no longer incorrectly logging the warning.


    TRAV-4519        Display name of groups with / on their names

     
    Details:

    Display names for email addresses have been compacted by Traveler to the content before the first forward slash to save user interface space on the devices. However, some customers have asked that the full display name be used, so new notes.ini's have been added to give customers more display name options.

    NTS_ADDRESSCACHE_ENCODING_DISPLAY_NAME_COMPACT controls the display name for addresses that are not internet addresses and need to be encoded as described in "Address encoding for Microsoft Exchange ActiveSync devices" of the Traveler documentation. The default is true which means the display name is the content up to the first forward slash.

    NTS_ADDRESSCACHE_DISPLAY_NAME_COMPACT controls the display name for all other (not encoded) addresses. The default is true which means the display name is the content up to the first forward slash.


    TRAV-4372        Provide an option to avoid routing meeting notices via the Traveler server's mail.box when making changes from the Apple iOS or iPadOS Calendar application

     
    Details:

    Invitations and other meeting notices will be routed via the Traveler server's mail.box when the meeting chair creates or updates the meeting from an Apple iOS or iPadOS Calendar application on a device syncing with Microsoft Exchange ActiveSync 16.0 or 16.1. This is the default behavior for HCL Traveler version 11.0 and later (note that there was no change in meeting notice routing from HCL Verse mobile clients). Failure to have routing and connection documents configured on the HCL Traveler server to/from the mail servers can prevent meeting notices from being received by the chair and/or invitees of the meeting.  To avoid routing these notices through the HCL Traveler server, the notes.ini setting NTS_AS_SEND_NOTICES_FROM_MAIL_SERVER can be set to True to route the notices via the user's mail server mail.box. Product documentation will be updated with this new setting.


    Hints:
    Note for customers that manage their database schema: Traveler 11.0.1 Fix Pack1 does not include a database schema update.
    Traveler 11.0.1 FP1 Database Schema Level: 20190922
    However prior releases did include database schema updates (for example: Traveler 11.0.0 did include a schema update).  Depending upon what level of Traveler server you are upgrading from, there may be a database schema update required.


    Traveler 11.0.1 Fix Pack 1 can be used to install a new Traveler environment or update an existing Traveler environment running Domino 9.0.1.x, Domino 10.0.x, or Domino 11.0.x without requiring a Domino upgrade. It is always recommended to keep Domino at the latest level.  If updating Domino to 11.0.1.x, a minimum of Traveler 11.0.1 is required.


    More Details:
    https://support.hcltechsw.com/csm?id=kb_article_view&sys_kb_id=e5c7a0671b7858500dabfe6fdc4bcb47


    LE4D & Domino 11.0.1 on Windows issue - Problem importing certificates into keyring

     14 April 2020 10:35:58
    Due to an issue with the JVM installed with Domino V11.0.1, Let's Encrypt 4 Domino a.k.a LE4D throws an error, when the tool tries to import the new / renewed certificate into the Domino keyring file.
    It's only an issue when running the Domino server on Windows.


    The agent calls the kyrtool and passes the required parameters to the tool.


    On the Domino V11.0.1 console, you will see an error


    13.04.2020 06:48:52 Agent error: java.io.IOException: Cannot run program "cmd.exe": Malformed argument has embedded quote: "d:\domino\kyrtool.exe" create -k "d:\domino\data\eknori_staging.kyr"

    13.04.2020 06:48:52 Agent error: at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)

    13.04.2020 06:48:52 Agent error: at java.lang.Runtime.exec(Runtime.java:621)

    13.04.2020 06:48:52 Agent error: at java.lang.Runtime.exec(Runtime.java:486)

    13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.tools.CommandProcessor.executeCommand(CommandProcessor.java:11)

    13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.manager.Le4dManager.runKyrTool(Le4dManager.java:623)

    13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.manager.Le4dManager.run(Le4dManager.java:205)

    13.04.2020 06:48:52 Agent error: at de.midpoints.MPStarter.NotesMain(MPStarter.java:16)

    13.04.2020 06:48:52 Agent error: at lotus.domino.AgentBase.runNotes(Unknown Source)

    13.04.2020 06:48:52 Agent error: at lotus.domino.NotesThread.run(Unknown Source)

    13.04.2020 06:48:52 Agent error: Caused by:



    The problem is not in the LE4D code itself, because it runs on Domino V9.0.1FP10 and also on Domino V10.x and also on Domino V11.

    It seemed to stop working after upgrading the server to V11.0.1, because of an update to a newer JVM version (>1.8.0_231-b11).


    HCL already published a Technote about the issue:


    https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0078230

    To fix the error in Domino V11.0.1 do the following


    If not already in place, create a new text file javaOptions.txt in the Domino DataDirectory


    Add the following line to the javaOptions.txt file ( If you already have a javaOptions file, append the new entry to the existing lines in the file)


    -Djdk.lang.Process.allowAmbiguousCommands=true


    Save javaOptions.txt


    Add the following line to the server notes.ini


    JAVAOPTIONSFILE=D:
    \YourDominoDataDir\javaoptions.txt


    Hint: Add the fullpath to the javaoptions.txt, otherwise the file will not be used. On Windows use a Backslash.

    Restart the server


    When you now run the LE4D tool, everything should work!


    We will update the LE4D documentation in the next few days.


    HCL Traveler 11.0.1 released with support for Cross Domain ID-Vault

     31 März 2020 18:38:49
    HCL Traveler 11.0.1 is a feature release that includes new features and bug fixes for the Traveler server.

    Traveler 11.0.1 can be used to install a new Traveler environment or update an existing Traveler environment running Domino 9.0.1.x, Domino 10.0.x, or Domino 11.0.x without requiring a Domino upgrade
    .

    (Although it is always recommended to keep Domino at the latest level.)


    Database Schema


    Traveler 11.0.1 does include a database schema update.


    New Features

    Support for Microsoft SQL Server 2017
    Traveler 11.0.1.0 has been validated with Microsoft SQL Server 2017 as the Traveler server database when running in high availability mode.  

    Updated APNS Certificates
    Traveler 11.0.1 includes updated APNS Certificates that replace the certificates shipped with Traveler 10.0.1.2.  These new certificates expire February 13, 2021.

    Support for cross-domain ID vault
    When working with encrypted mail, Traveler now supports retrieval of a user's Notes ID file from an ID vault that is in a different Domino domain than the Traveler server.
    More details can be found here: https://help.hcltechsw.com/traveler/11.0.0/Plan_Domino_domains.html

    Fix List


    TRAV-4441 Traveler server shows thousands of errors are logged in the Domino console

    When Traveler encounters problems accessing the UnreadTable for a user or users, a large number of severe errors are logged to the console.  This fix reduces the severe logging for UnreadTable access errors.

    TRAV-4383 Server crashes since upgrading to Traveler 11.0

    After upgrading to Traveler 11.0, servers started crashing with LSXBE: ****** Out of Backend Memory ******* errors in the console. Fix addresses memory leak associated with these crashes.

    TRAV-4348 APNS push notifications working only for HCL Verse for iOS

    Starting with Traveler 11.0.0, applications other than Verse for iOS that use APNS notifications (Verse for Citrix, To Do, MaaS360 and Third Party registered applications such as Virtual Solutions SecurePIM client) were having those notifications rejected by the Apple APNS servers with the rejection reason of "DeviceTokenNotForTopic". This fix corrects the topic to be correct for all applications using APNS notifications.

    TRAV-4331 Traveler server reporting red status due to native memory usage on Microsoft Windows Servers

    The Traveler server method of calculating native (C) memory usage in the Windows environment was incorrectly leading to Traveler reporting a red status for native memory usage.  Traveler has changed to use the Traveler process memory instead of total system virtual memory for C memory usage calculations on Windows servers.

    TRAV-4314 Add Outlook (IMSMO) client safety that sets push flags if SyncML gets to 50 messages

    To protect itself from stack overflow issues, the IMSMO client will stop the sync after 50 SyncML messages to then start a new sync. There are some cases where the client does not start a new sync but does connect to push on the server. The push flags are already cleared based on the sync (as they should be), so the client does not sync again until some other data is changed such as receiving a new email. This changes the server to set the push flags for the IMSMO client if the sync reaches the 50th SyncML message so that if the client does not sync again but does connect to push, push will cause the needed sync to be started.

    TRAV-4307 After an upgrade to Traveler 11.0.0.0, when running with the Derby database, some devices were missing contacts/calendar/email

    When running Traveler server with the Derby database, a re-sync of a user's device with a large number of customer folders may take too long for the folder sync request.  This can prevent the user's calendar, mail, and contacts from syncing to the device. A database indexing hint was added to reduce sync times. This problem can occur in versions including and prior to Traveler 11.0.0.0.

     TRAV-4239 Mail sent appears to sender to be 1 hour off

    Changed the way the Traveler server checks for daylight savings time support on startup in order to prevent a problem with the Casablanca and El Aaiun time zones logging severe errors about a mismatch in DST support.

     TRAV-3733 Update APNS p12 files that expire in June 2020

    Traveler 11.0.1.0 includes updated APNS Certificates that replace the certificates shipped with Traveler 10.0.1.2.  These new certificates expire February 13, 2021.

    TRAV-2984 Traveler reports red status due to severe message flood from EventContainer.maintainSeqNumbers

    Reduced the log level of a frequent error caused by processing events with corrupted sequence numbers.


    Details:
    https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0076377


    Archive