Personal Blog of Thomas Hampel - Creative Mythbusting in Development and Collaboration

HTTP/SSL in Domino 9.0 - more Notes.ini variables to be removed after upgrade

Thomas Hampel
 12 March 2014

After upgrading to Domino 9.0 some users (but not all) claimed they are unable to access a server via HTTP, in specific it was iNotes access to one server while access was okay on other servers.

Quick check:
  • Domino HTTP task was running fine
  • TCP port 80 was responding
  • Redirect to SSL seemed not to work (Error "The connection was interrupted")
With the help of my colleagues we were looking at the console and found a number of errors showing up:

HTTP Server: SSL handshake failure, no website found for IP address [123.123.123.123]
[...]
New SSL session data length of 5132 bytes is larger than the current size of 5000 bytes.

Especially the second error message cause me to start thinking... Yes! I did remember there was an issue with earlier releases of Domino, where Technote 1220425 suggested setting two Notes.ini variables to fix a crash related to SSL
SSL_SESSION_SIZE
SSL_USE_ADDSESSION2

Of course these Notes.ini variables were still in place and still work -- they are not obsolete as such (see list of obsolete Notes.ini variables)
However, after upgrading to Domino 9.0 they are no longer required and as we have seen even cause problems if set too small.

Resolution:
1.) Remove these two variables as  (Reference : IBM Technote 1657588)
2.) Restart the HTTP task
...and iNotes with SSL is working again.
Comments [0]
Tagged with: Domino SSL
Go ElsewhereSubscribe to RSSAboutStay ConnectedAnd More
Thomas Hampel, All rights reserved.