Congratulations!

[Valid RSS] This is a valid RSS feed.

Recommendations

This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.

Source: http://blog.darrenduke.net/Darren/DDBZ.nsf/feed.rss

  1. <?xml version="1.0" encoding="utf-8"?>
  2. <rss version="2.0"
  3. xmlns:dc="http://purl.org/dc/elements/1.1/"
  4. xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
  5. xmlns:admin="http://webns.net/mvcb/"
  6. xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
  7. xmlns:content="http://purl.org/rss/1.0/modules/content/"
  8. xmlns:wfw="http://wellformedweb.org/CommentAPI/">
  9. <channel>
  10. <title>Darren Duke Blog Zone</title>
  11. <description>Occasionally useful stuff around technology, VMware, Domino, Symantec, accents and the pursuit of happiness.</description>
  12. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/</link>
  13. <language>en-us</language>
  14. <lastBuildDate>Mon, 19 Dec 2016 09:30:56 -0400</lastBuildDate>
  15. <item>
  16. <title>2016 the annus horribilis review</title>
  17. <pubDate>Mon, 19 Dec 2016 09:30:56 -0400</pubDate>
  18. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/2016-the-annus-horribilis-review.htm</link>
  19. <category>misc</category>
  20. <dc:creator>Darren Duke</dc:creator>
  21. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/2016-the-annus-horribilis-review.htm?opendocument&amp;comments</comments>
  22. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/2016-the-annus-horribilis-review.htm</guid>
  23. <content:encoded><![CDATA[ Firefox started at 43, ended at 50 (they are slowing down....) <br /> <br />Chrome started at 47, ended at 55 (they are speeding up....) <br /> <br />IE....you know what? F**k IE. <br /> <br />Still using Chrome as my primary browser, although Vivaldi is slowly taking over <br /> <br />Didn't go Connect 16. Won't be at Connect 17. I already know what's going to happen....IBM is going to tell you about all the products that they promise *&nbsp;cognitive* is being added too. Like Verse (2 years ago?) and Toscana. "No, really we are" they will promise. There is a new GM. Can't possibly be worse than the last one. <br /> <br />Speaking of Toscana, it was released. In only a way IBM can release something. Think Verse Basic with all the features taken out.&nbsp; <br /> <br />Following on from the "release" of new products, IBM decided not to release (as in ever) 9.0.2. Yeah, I know right..... <br /> <br />But Verse On-Prem should see the light of day on&nbsp;December&nbsp;30th. Yeah, I know right..... <br /> <br />Oh, Hawthorn was released. So there's that. <br /> <br />Still never seen a live (or otherwise) CCM installation.&nbsp; <br /> <br />Moved up to an iPhone 7 Plus, fingerprint smudge edition. Or as most people call it the shiny black one. <br /> <br />Oh, oh....new podcast. Stu and I could resist no longer. We also brought along Jesse Gallagher so IBM can blame someone new. <br /> <br />We also sneaked in one last TWIL. No really, 115 is it. (see above) <br /> <br />Any "Big IT" thinking of&nbsp;splitting itself in two&nbsp;should&nbsp;endeavor&nbsp;to be more like HPE/HP and not at all like the train wreck that is the Symantec/Veritas split. Train. Wreck.&nbsp; <br /> <br />By year end I should have 50+ nights in hotels. Not the rented by the hour type, but *real* hotels. That number went up, but my time in a car is about 90 minutes less per day. Yes, per day. Ah, life in ATL. <br /> <br />Brexit *and* Trump. Luckily my grandparents were Irish, so I see another passport in my future. <br /> <br />After having voters potentially end the world, I decided not to inflict further damage on my psyche and stayed with Windows 7 Pro. Even a free Windows 10 is too much to take. <br /> <br />Completed 10,000+ steps every day since Nov 30, 2015. So over 365 days now....the streak is still active. 15,000,000 total steps on my various Fitbit devices. <br /> <br />Technologies that made 2016, Let's Encrypt, SONOS, Nest, Roku, 4K TV's <br /> <br /> <br /> <br /> <br /> <br /> <br /> <br /> <br />  ]]></content:encoded>
  24. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/2016-the-annus-horribilis-review.htm</wfw:commentRss>
  25. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/2016-the-annus-horribilis-review.htm?opendocument&amp;comments</wfw:comment>
  26. </item>
  27. <item>
  28. <title>Renewing LetsEncrypt SSL certificates automatically with NginX</title>
  29. <pubDate>Fri, 9 Dec 2016 11:06:31 -0400</pubDate>
  30. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/renewing-letsencrypt-ssl-certificates-automatically-with-nginx.htm</link>
  31. <category>ssl</category>
  32. <dc:creator>Darren Duke</dc:creator>
  33. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/renewing-letsencrypt-ssl-certificates-automatically-with-nginx.htm?opendocument&amp;comments</comments>
  34. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/renewing-letsencrypt-ssl-certificates-automatically-with-nginx.htm</guid>
  35. <content:encoded><![CDATA[ A while back I <a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/switched-to-lets-encrypt-for-the-blog-ssl-certificate.htm" title="switched-to-lets-encrypt-for-the-blog-ssl-certificate.htm" target="_blank"/>blogged that I switched the SSL</a> on this blog to <a href=https://letsencrypt.org/><span style="text-decoration:underline">Let's Encypt</span></a>, the free SSL provider. I even linked to the Crontab post I used to renew the SSL certificate (they are only good for 90 days, so need to be renewed regularly). <br /> <br /> Except mine would not renew. Hum.... I eventually got around to looking at this before the certificate ran out on Dec 20th and it turns out I needed to do a few more steps. <br /> <br /> If you manually run the renew.sh on the server without these additional steps this is what you get: <br /> <br /> <blockquote>&#91;[email protected] ~&#93;# /root/letsencrypt/scripts/renew.sh <br /> /root/.local/share/letsencrypt/lib/python2.6/site-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6 <br /> DeprecationWarning <br /> Saving debug log to /var/log/letsencrypt/letsencrypt.log <br /> <br /> ------------------------------------------------------------------------------- <br /> Processing /etc/letsencrypt/renewal/darrenduke.net.conf <br /> ------------------------------------------------------------------------------- <br /> Cert is due for renewal, auto-renewing... <br /> Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org <br /> Renewing an existing certificate <br /> Performing the following challenges: <br /> tls-sni-01 challenge for darrenduke.net <br /> tls-sni-01 challenge for blog.darrenduke.com <br /> tls-sni-01 challenge for blog.darrenduke.net <br /> tls-sni-01 challenge for www.darrenduke.net<br /> Cleaning up challenges <br /> Attempting to renew cert from /etc/letsencrypt/renewal/darrenduke.net.conf produced an unexpected error: Cannot find a VirtualHost matching domain darrenduke.net.. Skipping. <br /> <br /> All renewal attempts failed. The following certs could not be renewed: <br /> /etc/letsencrypt/live/darrenduke.net/fullchain.pem (failure) <br /> 1 renew failure(s), 0 parse failure(s) <br /> The Let's Encrypt cert has not been renewed! <br /> <br /> File "/root/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module> sys.exit(main()) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/main.py", line 776, in main return config.func(config, plugins) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/main.py", line 592, in renew renewal.renew_all_lineages(config) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/renewal.py", line 365, in renew_all_lineages len(renew_failures), len(parse_failures))) Error: 1 renew failure(s), 0 parse failure(s) <br /> </blockquote> <br /> <br /> Well that's not good....off I went a Goggling. Here's the missing step.....at least for NginX servers. <br /> <br /> <blockquote> ./letsencrypt-auto certonly -a webroot --agree-tos --renew-by-default --webroot-path=/usr/share/nginx/html/ -d darrenduke.net -d blog.darrenduke.net -d blog.darrenduke.com -d www.darrenduke.net</blockquote> <br /> <br /> A few notes, check that the webroot-path is what is listed as the root in the NginX config and add each domain that is part of the SSL certificate with the -d option (I have 4 above). <br /> <br /> Once you do this you will see a fair amount of messages on the screen and eventually get to this: <br /> <br /> <blockquote>IMPORTANT NOTES: <br /> - Congratulations! Your certificate and chain have been saved at <br /> /etc/letsencrypt/live/darrenduke.net/fullchain.pem. Your cert will <br /> expire on 2017-03-09. To obtain a new or tweaked version of this <br /> certificate in the future, simply run letsencrypt-auto again. To <br /> non-interactively renew *all* of your certificates, run <br /> "letsencrypt-auto renew" <br /> - If you like Certbot, please consider supporting our work by: <br /> <br /> Donating to ISRG / Let's Encrypt: &nbsp; <a href=https://letsencrypt.org/donate><span style="text-decoration:underline">https://letsencrypt.org/donate</span></a> <br /> Donating to EFF: &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<a href="https://eff.org/donate-le"><span style="text-decoration:underline">https://eff.org/donate-le</span></a> <br /> </blockquote> <br /> <br /> Now when I manually try to renew the certificate I don't get any errors: <br /> <br /> <blockquote>&#91;[email protected] letsencrypt&#93;# ./letsencrypt-auto renew --nginx <br /> /root/.local/share/letsencrypt/lib/python2.6/site-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6 <br /> DeprecationWarning <br /> Saving debug log to /var/log/letsencrypt/letsencrypt.log <br /> <br /> ------------------------------------------------------------------------------- <br /> Processing /etc/letsencrypt/renewal/darrenduke.net.conf <br /> ------------------------------------------------------------------------------- <br /> Cert not yet due for renewal <br /> <br /> The following certs are not due for renewal yet: <br /> /etc/letsencrypt/live/darrenduke.net/fullchain.pem (skipped) <br /> No renewals were attempted. <br /> <br /> </blockquote> <br /> <br /> Another thing worth noting is that I appended --nginx to the crontab job as well. That takes care of restarting NginX for me once the certificate is renewed. <br /> <br /> I guess we'll see if this all works at the end of February.   ]]></content:encoded>
  36. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/renewing-letsencrypt-ssl-certificates-automatically-with-nginx.htm</wfw:commentRss>
  37. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/renewing-letsencrypt-ssl-certificates-automatically-with-nginx.htm?opendocument&amp;comments</wfw:comment>
  38. </item>
  39. <item>
  40. <title>WTF? A new podcast? If you liked This Week In Lotus, you should (at least) like &#8217;WTF Tech&#8217;</title>
  41. <pubDate>Mon, 31 Oct 2016 09:00:00 -0400</pubDate>
  42. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/wtf-a-new-podcast-if-you-liked-this-week-in-lotus-you-should-at-least-like-wtf-tech.htm</link>
  43. <category>podcast</category>
  44. <dc:creator>Darren Duke</dc:creator>
  45. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/wtf-a-new-podcast-if-you-liked-this-week-in-lotus-you-should-at-least-like-wtf-tech.htm?opendocument&amp;comments</comments>
  46. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/wtf-a-new-podcast-if-you-liked-this-week-in-lotus-you-should-at-least-like-wtf-tech.htm</guid>
  47. <content:encoded><![CDATA[ A long time ago, before IBM came down like a hammer, there was a podcast. We really enjoyed doing This Week In Lotus, but it became a bit untenable as IBM threatened all kinds of stuff (including revoking *my* Champion status.....) so we stopped. But IBM kept doing "WTF?" kinds of things.....canceling 9.0.2, going to fix packs only, spreading Java 8 out over a year (from now). After getting together at MWLUG, Stuart and I started to reminisce and we started thinking about saddling up again. <br /> <br /> So we did..... <br /> <br /> <img  alt="Image:WTF? A new podcast? If you liked This Week In Lotus, you should (at least) like &#8217;WTF Tech&#8217;" border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/wtf-a-new-podcast-if-you-liked-this-week-in-lotus-you-should-at-least-like-wtf-tech.htm/content/M2?OpenElement" /><br /> <br /> Except this time there are some notable changes:  <ul> <li>New name, <strong>WTF Tech</strong>,  </li><li>There are three hosts now. As noted in the last ever TWIL, Jesse Gallagher joins the team. He's funny so he offsets Stu, and he's knowledgeable so he offsets me.  </li><li>Focus has moved from IBM. I would not say IBM are irrelevant (yet, in fact Episode 001's title comes for IBM), but we've expanded out reach. &nbsp;No one is safe.  </li><li>There will be no guests. So no more shitty audio from guests who never RTFM and had no headphones.  </li><li><strong>It will not be weekly</strong>. We're thinking every two weeks, but some weeks will be barren and others (like this last week) will be a perfect storm.</li></ul><br /> There will be tips, so don't worry. And snark. No point doing it if there wasn't snark. <br /> <br /> So what are you waiting for? Head on over to <a href=http://wtftech.fm/><span style="text-decoration:underline">http://wtftech.fm/</span></a> and join the fun, and be sure to follow <a href=https://twitter.com/wtf_tech><span style="text-decoration:underline">@wtf_tech</span></a> on Twitter. <br /> <br /> <br />   ]]></content:encoded>
  48. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/wtf-a-new-podcast-if-you-liked-this-week-in-lotus-you-should-at-least-like-wtf-tech.htm</wfw:commentRss>
  49. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/wtf-a-new-podcast-if-you-liked-this-week-in-lotus-you-should-at-least-like-wtf-tech.htm?opendocument&amp;comments</wfw:comment>
  50. </item>
  51. <item>
  52. <title>Switched to Let&#8217;s Encrypt for the blog SSL certificate</title>
  53. <pubDate>Wed, 21 Sep 2016 11:55:20 -0400</pubDate>
  54. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/switched-to-lets-encrypt-for-the-blog-ssl-certificate.htm</link>
  55. <category>ssl</category>
  56. <dc:creator>Darren Duke</dc:creator>
  57. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/switched-to-lets-encrypt-for-the-blog-ssl-certificate.htm?opendocument&amp;comments</comments>
  58. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/switched-to-lets-encrypt-for-the-blog-ssl-certificate.htm</guid>
  59. <content:encoded><![CDATA[ I had switched the blog to SSL a while back (mainly due to Google threatening that non-SSL website will take a hit in searches). At the time <a href=https://letsencrypt.org/ target=_blank>Let's Encrypt</a> (the free, yes free, CA SSL issuer) was just getting started and didn't have roots published to most of the browser root stores. Because of this I went with free certificate available from <a href=https://www.startssl.com/ target=_blank>Start SSL</a>. I'm not disappointed with StartSSL, it's just time to try something else when the StartSSL certificate expired. &nbsp;In fact if you need anything SSL related I'd suggest you give StartSSL a look, they have lots of options are very reasonable on prices. <br /> <br />Still this blog doesn't need EV or anything like that so Let's Encrypt it is. While this blog runs on a Domino server it is fronted by a CentOS server running nginx. These servers are located at Prominic and a quick support request had the required Linux pre-reqs installed on the nginx server. <br /> <br />From there it took maybe 10 minutes to create and install the SSL. <br /> <br />I could outline the steps here, but really, I just followed this: <br /> <br /><a href="http://idroot.net/tutorials/how-to-install-letsencrypt-ssl-with-nginx-on-centos-6/" target=_blank>http://idroot.net/tutorials/how-to-install-letsencrypt-ssl-with-nginx-on-centos-6/</a> <br /> <br />And then used this for the crontab stuff: <br /> <br /><a href="https://www.nginx.com/blog/free-certificates-lets-encrypt-and-nginx/" target=_blank>https://www.nginx.com/blog/free-certificates-lets-encrypt-and-nginx/</a> <br /> <br />  ]]></content:encoded>
  60. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/switched-to-lets-encrypt-for-the-blog-ssl-certificate.htm</wfw:commentRss>
  61. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/switched-to-lets-encrypt-for-the-blog-ssl-certificate.htm?opendocument&amp;comments</wfw:comment>
  62. </item>
  63. <item>
  64. <title>iNotes and IE Standards mode now seems to work in 9.0.1 FP7</title>
  65. <pubDate>Wed, 14 Sep 2016 10:18:37 -0400</pubDate>
  66. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/inotes-and-ie-standards-mode-now-seems-to-work-in-9.0.1-fp7.htm</link>
  67. <category>domino</category>
  68. <dc:creator>Darren Duke</dc:creator>
  69. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/inotes-and-ie-standards-mode-now-seems-to-work-in-9.0.1-fp7.htm?opendocument&amp;comments</comments>
  70. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/inotes-and-ie-standards-mode-now-seems-to-work-in-9.0.1-fp7.htm</guid>
  71. <content:encoded><![CDATA[ I had <a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/inotes-and-ie11-yes-it-is-supported.htm" title="inotes-and-ie11-yes-it-is-supported.htm" target="_blank"/>praised</a>, then <a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/well-so-much-for-ie11-and-inotes-standards-mode.htm" title="well-so-much-for-ie11-and-inotes-standards-mode.htm"/>lamented</a> the new-ish iNotes forms templates that allow you do copy and paste images from the clipboard into IE. Well, with FP7 IBM (so far) seem to have addressed the issue search issue that forced me to disable this again. <br /> <br /> It's now back on for my servers. Let's see how long before I lament this again. <br /> <br /> It is probably worth pointing out that Ulrich Krause is reporting issues with the "normal" iNotes forms9.nsf shipped in FP7. I have not seen the issue he reported in the forms9s.nsf. <br /> <br /> <blockquote class="twitter-tweet" data-partner="tweetdeck"><p lang="en" dir="ltr"><a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/<a href="https://twitter.com/hashtag/IBM?src=hash"><span style="text-decoration:underline">https://twitter.com/hashtag/IBM?src=hash</span></a>">#IBM</a> <a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/<a href="https://twitter.com/hashtag/Domino?src=hash"><span style="text-decoration:underline">https://twitter.com/hashtag/Domino?src=hash</span></a>">#Domino</a> 901FP7 breaks iNotes. &#8222;Formula error&#8220; when opening mailfile in the browser</p>&amp;mdash; Ulrich Krause (@Eknori) <a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/<a href=https://twitter.com/Eknori/status/776058177364299777><span style="text-decoration:underline">https://twitter.com/Eknori/status/776058177364299777</span></a>">September 14, 2016</a></blockquote> <br /> <script async src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx///platform.twitter.com/widgets.js" charset="utf-8"></script> <br /> <br /> <br /> <br />  &nbsp;  ]]></content:encoded>
  72. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/inotes-and-ie-standards-mode-now-seems-to-work-in-9.0.1-fp7.htm</wfw:commentRss>
  73. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/inotes-and-ie-standards-mode-now-seems-to-work-in-9.0.1-fp7.htm?opendocument&amp;comments</wfw:comment>
  74. </item>
  75. <item>
  76. <title>9.0.1 FP7 and how to enable the new port encryption settings</title>
  77. <pubDate>Wed, 14 Sep 2016 04:37:42 -0400</pubDate>
  78. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/9.0.1-fp7-and-how-to-enable-the-new-port-encryption-settings.htm</link>
  79. <category>domino</category>
  80. <dc:creator>Darren Duke</dc:creator>
  81. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/9.0.1-fp7-and-how-to-enable-the-new-port-encryption-settings.htm?opendocument&amp;comments</comments>
  82. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/9.0.1-fp7-and-how-to-enable-the-new-port-encryption-settings.htm</guid>
  83. <content:encoded><![CDATA[ <strong>Update : Check the comments, Shaun has added a link to the actual IBM technote..... you may or may not want 127 as the value, so check that before doing anything.</strong><br /> <br /> 9.0.1 FP7 has shipped. It's not all we hoped (only three new features, and no Java 8) <strong>but</strong> yet again the Domino security team has added stuff, this time the oft requested update to Notes client port encryption. But (at the time of writing) all the technotes on how to enable this either go to the wrong page (ICCA) or a nice looking, but still pointless 404 page. <br /> <br /> So how do you enable this? We'll after scouring the design partner forum I found a post from the lovely Dave Kern that outlined this a few months back and was able to pretty easily figure it from there...... <strong><br /> <br /> This is not everything, there seems to be at least one other setting, but this will get you AES port encryption, so it's a start</strong> <br /> <br /> It's a server side notes.ini setting called PORT_ENC_ADV and it's a bitmask value. Based on Dave's post I set this value to 127. That gets me the best available (based on current standards) port encryption that Notes can do. In this case AES_GCM_256, with a AES_128 ticket. <br /> <br /> It is backward compatible, I tested with FP6 and FP7 clients with this new ini setting with no issue. I see no reason why any client from 6.x onwards would be an issue, but test all the same.. So to enable add this to you server notes.ini: <br /> <br /> <blockquote>PORT_ENC_ADV=127</blockquote> <br /> <br /> Restart Domino. If you have a FP7 or later client then you will be using AES. To prove this you can enable these two notes.ini settings on the client: <br /> <br /> <blockquote>LOG_AUTHENTICATION=1 <br /> Debug_Console=1</blockquote> <br /> <br /> And you can now see the new port encryption being used. Here's a (just upgraded) FP7 client debug output: <br /> <br /> <img  alt="Image:9.0.1 FP7 and how to enable the new port encryption settings" border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/9.0.1-fp7-and-how-to-enable-the-new-port-encryption-settings.htm/content/M2?OpenElement" /><br /> <br /> Here's a FP6 client, where the server fails back to RC4_128: <br /> <br /> <img  alt="Image:9.0.1 FP7 and how to enable the new port encryption settings" border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/9.0.1-fp7-and-how-to-enable-the-new-port-encryption-settings.htm/content/M3?OpenElement" /><br />   ]]></content:encoded>
  84. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/9.0.1-fp7-and-how-to-enable-the-new-port-encryption-settings.htm</wfw:commentRss>
  85. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/9.0.1-fp7-and-how-to-enable-the-new-port-encryption-settings.htm?opendocument&amp;comments</wfw:comment>
  86. </item>
  87. <item>
  88. <title>The last ever (no really....) This Week In Lotus has been posted, number 115</title>
  89. <pubDate>Tue, 6 Sep 2016 09:15:54 -0400</pubDate>
  90. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/the-last-ever-no-really....-this-week-in-lotus-has-been-posted-number-115.htm</link>
  91. <category>twil</category>
  92. <dc:creator>Darren Duke</dc:creator>
  93. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/the-last-ever-no-really....-this-week-in-lotus-has-been-posted-number-115.htm?opendocument&amp;comments</comments>
  94. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/the-last-ever-no-really....-this-week-in-lotus-has-been-posted-number-115.htm</guid>
  95. <content:encoded><![CDATA[ Stuart, myself and Jesse Gallagher join for the <span style="text-decoration:line-through">weekly</span> bi-annual podcast for one last time....listen to it here: <br /> <br /><a href="http://thisweekinlotus.com/115-doing-a-three-way/">http://thisweekinlotus.com/115-doing-a-three-way/</a> <br /> <br />There is also an exciting announcement at the end.....  ]]></content:encoded>
  96. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/the-last-ever-no-really....-this-week-in-lotus-has-been-posted-number-115.htm</wfw:commentRss>
  97. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/the-last-ever-no-really....-this-week-in-lotus-has-been-posted-number-115.htm?opendocument&amp;comments</wfw:comment>
  98. </item>
  99. <item>
  100. <title>Using Hawthorn gold code? Want IBM to add SQL Server support? Here&#8217;s the SPR you&#8217;ll want to add your name to....</title>
  101. <pubDate>Mon, 29 Aug 2016 13:46:34 -0400</pubDate>
  102. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/using-hawthorn-gold-code-want-ibm-to-add-sql-server-support-heres-the-spr-youll-want-to-add-your-name-to.....htm</link>
  103. <category>domino</category>
  104. <dc:creator>Darren Duke</dc:creator>
  105. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/using-hawthorn-gold-code-want-ibm-to-add-sql-server-support-heres-the-spr-youll-want-to-add-your-name-to.....htm?opendocument&amp;comments</comments>
  106. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/using-hawthorn-gold-code-want-ibm-to-add-sql-server-support-heres-the-spr-youll-want-to-add-your-name-to.....htm</guid>
  107. <content:encoded><![CDATA[ Hawthrorn 2.0, AKA IBM Mail Support for Microsoft Outlook, AKA IMSMO has recently been released. One of the main install differences between GA (2.0) and LA (1.0) code is that GA requires use of IBM DB2 as a state store for the IMSMO Domino server (whereas 1.0 had no such requirement). <br /> <br />Most organizations can count on the fingers of no hands how may DB2 servers they have, so you'd expect IBM to support MS SQL server right? You'd be wrong. You along with me are a moron, and no one's ever asked for that.  <br /> <br />Except now I have. And I have a SPR &nbsp;to prove it. IBM uses SPR's to weigh the decision to add a requested feature to a product, so the more organizations that pile on, the bigger the chance IBM will provide this.. <br /> <br />If you want this added to IMSMO then you can call IBM support (or using the website) and request that your organization be added to the SPR by referencing<strong> SPR RCGOAD5LHQ</strong> (APAR LO90041).  ]]></content:encoded>
  108. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/using-hawthorn-gold-code-want-ibm-to-add-sql-server-support-heres-the-spr-youll-want-to-add-your-name-to.....htm</wfw:commentRss>
  109. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/using-hawthorn-gold-code-want-ibm-to-add-sql-server-support-heres-the-spr-youll-want-to-add-your-name-to.....htm?opendocument&amp;comments</wfw:comment>
  110. </item>
  111. <item>
  112. <title>There is no 9.0.2. Dead. Canceled. Killed. </title>
  113. <pubDate>Wed, 24 Aug 2016 14:42:42 -0400</pubDate>
  114. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/there-is-no-9.0.2.-dead.-canceled.-killed.-.htm</link>
  115. <category>902</category>
  116. <dc:creator>Darren Duke</dc:creator>
  117. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/there-is-no-9.0.2.-dead.-canceled.-killed.-.htm?opendocument&amp;comments</comments>
  118. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/there-is-no-9.0.2.-dead.-canceled.-killed.-.htm</guid>
  119. <content:encoded><![CDATA[ Originally 9.0.2 was scheduled for release in late 2015. <br /> <br /> Then February 2016 (this would have been 28 months since 9.0.1 shipped) <br /> <br /> Then 2H 2016. <br /> <br /> Then 2017. <br /> <br /> Now, well, &nbsp;never (if the scuttlebutt at MWLUG is to be believed, and I do believe it). <br /> <br /> It was pushed for many reasons, notably to get Verse out of the door. As I mentioned in this <a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/9.0.2-where-for-art-thou-ibm-has-truly-lost-the-plot-this-time.htm" title="9.0.2-where-for-art-thou-ibm-has-truly-lost-the-plot-this-time.htm" target="_blank"/>post (9.0.2 where for art thou?)</a> and this <a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/my-customers-dont-want-mail.next.htm" title="my-customers-dont-want-mail.next.htm" target="_blank"/>one (my customers don't want mail next)</a> I've ranted and raved about this before. <br /> <br /> To no avail. <br /> <br /> Well, it seems some genius (<---sarcasm alert) at IBM has decided to not release 9.0.2 but to roll some (most?) of those features into the upcoming FP7 (and FP8?) release(s). At least we'll (allegedly) get Java 8 and AES port encryption at some point . I guess there is that. <br /> <br /> So why would IBM kill a release that is all but ready to ship? I can only fathom one reasonable answer to this.....to forgo the need to support Notes/Domino for a further 5-7 years. I believe a fix pack is only supported as long as IBM want to support it (unless someone can guide me to an IBM document saying otherwise....a quick Google yielded no real answer to this), which is a whole metric shit ton less than 5-7 years. I also think that IBM is going to change the "fix pack" nomenclature, and this was alluded to in several IBM presentations at MWLUG, mainly, I believe as Domino is required for Verse On-Prem (VOP). Still it does look like this is the end of the line for the Notes client (not really a shock) and any semblance of a Domino app-dev strategy (kind of a shock). <br /> <br /> Yet again, IBM is causing itself a decent dose of customer hate and migrations with their lack of communication, messaging and approach. You'd think both they and I would learn from this, alas I keep hoping for better for IBM. More fool me, right? <br /> <br /> If I'm wrong about 9.0.2, I'm sure an IBM executive will post here. If I'm correct, no doubt I'll get a threatening phone call or two.   ]]></content:encoded>
  120. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/there-is-no-9.0.2.-dead.-canceled.-killed.-.htm</wfw:commentRss>
  121. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/there-is-no-9.0.2.-dead.-canceled.-killed.-.htm?opendocument&amp;comments</wfw:comment>
  122. </item>
  123. <item>
  124. <title>Unable to view embedded SlideShare presentations in Chrome? Try this.....</title>
  125. <pubDate>Mon, 22 Aug 2016 16:34:51 -0400</pubDate>
  126. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm</link>
  127. <category>presentations</category>
  128. <dc:creator>Darren Duke</dc:creator>
  129. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm?opendocument&amp;comments</comments>
  130. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm</guid>
  131. <content:encoded><![CDATA[ The first page of the presentation displays fine, but you can't navigate to any other slide or use any other actions (like the image below): <br /> <br /><img  alt="Image:Unable to view embedded SlideShare presentations in Chrome? Try this....." border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm/content/M2?OpenElement" /> <br /> <br />The fix it is to allow 3rd party cookies from SlideShare.net. You can do this in the Chrome settings page, like this: <br /> <br /><img  alt="Image:Unable to view embedded SlideShare presentations in Chrome? Try this....." border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm/content/M3?OpenElement" /> <br />Then, manage exceptions: <br /> <br /><img  alt="Image:Unable to view embedded SlideShare presentations in Chrome? Try this....." border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm/content/M4?OpenElement" /> <br /> <br />Add the following to the hostname pattern: <br /> <br /><blockquote>&#91;*.&#93;slideshare.net</blockquote> <br /> <br />Like this: <br /> <br /><img  alt="Image:Unable to view embedded SlideShare presentations in Chrome? Try this....." border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm/content/M5?OpenElement" /> <br /> <br /> <br />You can now navigate embedded SlideShare presentations. <br /> <br /> <br /> <br /> <br /> <br />  ]]></content:encoded>
  132. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm</wfw:commentRss>
  133. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm?opendocument&amp;comments</wfw:comment>
  134. </item>
  135. <item>
  136. <title>My MWLUG presentation - Domino Security - not knowing is not an option (2016 edition)</title>
  137. <pubDate>Mon, 22 Aug 2016 10:21:46 -0400</pubDate>
  138. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/my-mwlug-presentation-domino-security-not-knowing-is-not-an-option-2016-edition.htm</link>
  139. <category>mwlug</category>
  140. <dc:creator>Darren Duke</dc:creator>
  141. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/my-mwlug-presentation-domino-security-not-knowing-is-not-an-option-2016-edition.htm?opendocument&amp;comments</comments>
  142. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/my-mwlug-presentation-domino-security-not-knowing-is-not-an-option-2016-edition.htm</guid>
  143. <content:encoded><![CDATA[ If you unable to view this presentation correctly in Chrome, <a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm" title="unable-to-view-embedded-slideshare-presentations-in-chrome-try-this......htm" target="_blank"/>see this post</a>  ]]></content:encoded>
  144. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/my-mwlug-presentation-domino-security-not-knowing-is-not-an-option-2016-edition.htm</wfw:commentRss>
  145. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/my-mwlug-presentation-domino-security-not-knowing-is-not-an-option-2016-edition.htm?opendocument&amp;comments</wfw:comment>
  146. </item>
  147. <item>
  148. <title>Idea - I&#8217;m going to open a PMR asking IBM to release 9.0.2....and you are invited to take part</title>
  149. <pubDate>Tue, 19 Jul 2016 13:11:02 -0400</pubDate>
  150. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/idea-im-going-to-open-a-pmr-asking-ibm-to-release-9.0.2....and-you-are-invited-to-take-part.htm</link>
  151. <category>domino</category>
  152. <dc:creator>Darren Duke</dc:creator>
  153. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/idea-im-going-to-open-a-pmr-asking-ibm-to-release-9.0.2....and-you-are-invited-to-take-part.htm?opendocument&amp;comments</comments>
  154. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/idea-im-going-to-open-a-pmr-asking-ibm-to-release-9.0.2....and-you-are-invited-to-take-part.htm</guid>
  155. <content:encoded><![CDATA[ I got to thinking about this earlier today... <br /> <br /> <blockquote>How can I as a customer/partner/interested party let IBM know of my discontent about the lack of urgency in releasing Domino 9.0.2?</blockquote> <br /> <br /> I noddled on this for a few minutes and came up with some ways. A few (along with cons) are listed below: <br /> <br /> 1) Contact your IBM rep and tell them. <strong><br /> Pros:</strong> <br /> Erm.... <strong><br /> Cons:</strong> <br /> If you can find them, by the time you hang up they will have a new job. <br /> <br /> 2) Move to another platform. <strong><br /> Pros:</strong> <br /> Real Outlook support <strong><br /> Cons:</strong> <br /> It'll cost a fortune <br /> <br /> 3) PMR <strong><br /> Pros: </strong><br /> Fast <strong><br /> Cons:</strong> <br /> Well, it's a PMR <br /> <br /> I have finally settled on number 3, create a PMR. See, I think they only way IBM will take notice and do something (new regime or otherwise) is to inundate the support channel with this request. It kind of worked for TLS support in Domino (prior even to the Poodle debacle....I have stories about this if you hit me up at MWLUG) so there is some hope with that outlet. Now, there won't be an SPR as IBM will never admit to 9.0.2 not being released is a bug, but still, enough PMR's could at least make some IBM executives uncomfortable in their Game Of Thrones. <br /> <br /> So if you have PMR creation capability, I cordially invite you to enter a PMR requesting 9.0.2 be released soon. Here's the link to IBM PMR creation page <a href="https://www-947.ibm.com/support/servicerequest/Home.action"><span style="text-decoration:underline">https://www-947.ibm.com/support/servicerequest/Home.action</span></a> <br /> <br /> Here's mine: <br /> <br /> <img  alt="Image:Idea - I&#8217;m going to open a PMR asking IBM to release 9.0.2....and you are invited to take part" border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/idea-im-going-to-open-a-pmr-asking-ibm-to-release-9.0.2....and-you-are-invited-to-take-part.htm/content/M2?OpenElement" /><br />   ]]></content:encoded>
  156. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/idea-im-going-to-open-a-pmr-asking-ibm-to-release-9.0.2....and-you-are-invited-to-take-part.htm</wfw:commentRss>
  157. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/idea-im-going-to-open-a-pmr-asking-ibm-to-release-9.0.2....and-you-are-invited-to-take-part.htm?opendocument&amp;comments</wfw:comment>
  158. </item>
  159. <item>
  160. <title>Well, so much for IE11 and iNotes standards mode</title>
  161. <pubDate>Tue, 19 Jul 2016 07:00:44 -0400</pubDate>
  162. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/well-so-much-for-ie11-and-inotes-standards-mode.htm</link>
  163. <category>inotes</category>
  164. <dc:creator>Darren Duke</dc:creator>
  165. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/well-so-much-for-ie11-and-inotes-standards-mode.htm?opendocument&amp;comments</comments>
  166. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/well-so-much-for-ie11-and-inotes-standards-mode.htm</guid>
  167. <content:encoded><![CDATA[ In my <a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/inotes-ie11-and-copy-and-paste-images-from-the-clipboard.-how-to-enable-it..htm" title="inotes-ie11-and-copy-and-paste-images-from-the-clipboard.-how-to-enable-it..htm" target="_blank"/>last post</a> I made the mistake of thinking IBM had done a bang up job on the copy and paste with images from the clipboard into iNotes using IE11. Well.....about that..... <br /> <br />After enabling the following settings in the server notes.ini file a user is no longer able to use type-ahead search (view search): <br /> <br /><blockquote>iNotes_WA_DefaultFormsFile=iNotes/Forms9s.nsf<br /> iNotes_WA_FormsFiles=iNotes/Forms9s.nsf  <br /></blockquote> <br /> <br />Here's the difference, search view in quirks mode works, standard mode does not:.... <br /> <br />Quirks mode IE: <br /><img  alt="Image:Well, so much for IE11 and iNotes standards mode" border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/well-so-much-for-ie11-and-inotes-standards-mode.htm/content/M2?OpenElement" /> <br /> <br />Standards mode IE: <br /> <br /><img  alt="Image:Well, so much for IE11 and iNotes standards mode" border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/well-so-much-for-ie11-and-inotes-standards-mode.htm/content/M3?OpenElement" /> <br /> <br />Time to revert back to quirks mode by removing the notes.ini settings....balls. <br /> <br />Time and time again, testing and QA is IBM's downfall. I'm beginning to think that I, together with IBM, will never learn this lesson. In the top screeshot you can even see my PMR about this.....oh, the hellish times we live in. <br />  ]]></content:encoded>
  168. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/well-so-much-for-ie11-and-inotes-standards-mode.htm</wfw:commentRss>
  169. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/well-so-much-for-ie11-and-inotes-standards-mode.htm?opendocument&amp;comments</wfw:comment>
  170. </item>
  171. <item>
  172. <title>iNotes, IE11 and copy and paste images from the clipboard. How to enable it.</title>
  173. <pubDate>Thu, 14 Jul 2016 12:04:19 -0400</pubDate>
  174. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/inotes-ie11-and-copy-and-paste-images-from-the-clipboard.-how-to-enable-it..htm</link>
  175. <category>inotes</category>
  176. <dc:creator>Darren Duke</dc:creator>
  177. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/inotes-ie11-and-copy-and-paste-images-from-the-clipboard.-how-to-enable-it..htm?opendocument&amp;comments</comments>
  178. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/inotes-ie11-and-copy-and-paste-images-from-the-clipboard.-how-to-enable-it..htm</guid>
  179. <content:encoded><![CDATA[ The other day I was lamenting the inability of Internet Explorer in respect to being able to copy and paste an image from the clipboard into an iNotes email body. After all both Firefox and Chrome have been able to do this for a while. <br /> <br />Off I toodle to the web and I find<a href="https://www-10.lotus.com/ldd/dominowiki.nsf/dx/IBM_iNotes_Paste_Image_Support"> this IBM document</a> which indicates IBM may add it once IE supports it: <br /> <br /><blockquote>The ability to paste images from the clipboard works in both Firefox and Chrome in iNotes 9.0 Social Edition and Smart Cloud Notes Web. Safari 6 and IE 10 do not yet support this, but we are hoping they too will offer the needed browser APIs to do this in the future. </blockquote> <br /> <br />Huh. "I'm pretty sure IE11 now supports this", out intrepid hero says to himself (that's me for those not following along). Off I wibbly wobbly search again. Lo and behold, based on<a href="https://blogs.msdn.microsoft.com/ie/2013/10/24/enhanced-rich-editing-experiences-in-ie11/"> this Microsoft post</a> I appear to be correct (and dear reader, if there were any doubt in you mind that I would, indeed be correct, I'm sorely disappointed in you): <br /> <br /><blockquote>With the new&nbsp;<a href="http://msdn.microsoft.com/en-us/library/cc848897(v=vs.85).aspx">DataURI</a>&nbsp;encoding capability in IE11, Web sites can automatically support pasting images from the clipboard, without requiring additional Javascript.</blockquote> <br /> <br />OK, ammo in hand. Time for the dreaded PMR.....basically along the lines of "IBM have these links that say this....what are you going to do it?". <br /> <br />After a back and forth support finally understand my question. <strong>And shocker. it was added in 9.0.1 FP5</strong>. "Really?" our intrepid hero asks (again, me for those not following along). <strong>But it's disabled by default</strong> (FFS IBM, really?). I was also sent a link to the<a href="http://m.ibm.com/http/www-10.lotus.com/ldd/fixlist.nsf/8d1c0550e6242b69852570c900549a74/92f8bb3d7e9d022285257ed00056d9a8?OpenDocument&amp;wirelessshow=1"> 9.0.1 FP5 IBM document </a>(are they not technotes anymore????) that has this titbit in it: <br /> <br /><blockquote>9.0.1 Fix Pack 5 adds support for IE Standards Mode for iNotes. An optional Forms9s.nsf for IE 11 Standard mode has been added in 9.0.1 FP5. 9.0.1 FP5 installs a secondary iNotes client file on the Domino server named Forms9s.nsf. This file is an optional solution to "Quirks Mode". Quirks mode was a run time option first introduced in IE 6 to provide backward compatibility for programs such as iNotes but can cause some limitations running in newer versions of IE such as IE11. Forms9s.nsf removes quirks mode and runs in Standard mode. This is off by default and can be enabled via setting these in the Domino server notes.ini <br />iNotes_WA_DefaultFormsFile=iNotes/Forms9s.nsf<br /> iNotes_WA_FormsFiles=iNotes/Forms9s.nsf  <br /></blockquote> <br /> <br />Well, OK, but that doesn't say it will do what I want but support insist it will have the desired effect. Sure enough, I add them to the server, restart HTTP and (blue sky, angels singing) I can now paste images from the clipboard directly into iNotes when using IE. <br /> <br />Thanks to Andrea from support for help on this, but why on earth isn't this documented anywhere? "Standards mode" in no way translates to "copy and paste an image from the clipboard into IE". And the original IBM document I found (the first link in the post) was not updated to indicate this. <strong>This needs to be added to DCT (if DCT is still a thing?).</strong> <br /> <br /> <br /> <br /> <br /> <br />  ]]></content:encoded>
  180. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/inotes-ie11-and-copy-and-paste-images-from-the-clipboard.-how-to-enable-it..htm</wfw:commentRss>
  181. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/inotes-ie11-and-copy-and-paste-images-from-the-clipboard.-how-to-enable-it..htm?opendocument&amp;comments</wfw:comment>
  182. </item>
  183. <item>
  184. <title>How to thoroughly confuse your customers, IBM Edition</title>
  185. <pubDate>Thu, 28 Apr 2016 10:42:29 -0400</pubDate>
  186. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/how-to-thoroughly-confuse-your-customers-ibm-edition.htm</link>
  187. <category>Domino</category>
  188. <dc:creator>Darren Duke</dc:creator>
  189. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/how-to-thoroughly-confuse-your-customers-ibm-edition.htm?opendocument&amp;comments</comments>
  190. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/how-to-thoroughly-confuse-your-customers-ibm-edition.htm</guid>
  191. <content:encoded><![CDATA[ Off I toddle to IBM Fix Central. I wanted the latest FP5 and IF's for Notes, the Browser Plugin and the Lite Browser Plugin. Here's a screenshot of what <a href="http://www-933.ibm.com/support/fixcentral/" title="IBM Fix Central">IBM Fix Central</a> returns for me..... <br /> <br /> <br /><img  alt="Image:How to thoroughly confuse your customers, IBM Edition" border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/how-to-thoroughly-confuse-your-customers-ibm-edition.htm/content/M2?OpenElement" /> <br /> <br />Now, I usually know what I am doing, but this is confusing to me, let alone a poor customer who does not understand IBM's mission to put obstacles in the way of everything you'd ever want to do on their sites.  <br /> <br />Some mind boggling questions arise...... <br /> <ul> <li>Can I just download 901FP5SHF238_W32_standard.exe and that will patch all my Notes, NBP and NBP lite installs? But isn't that IF2? And build SHF237 is IF3? And isn't 237 < 238 in the normal, non-quantum universe where non-IBMers live? </li><li>Do I really need all of these files? </li><li>Do I have to install all of them once I download them? </li><li>If I do need all of them, which order to I install them?</li></ul> <br />Totally and utterly confusing. I bet most people who get to this screen just close it and never download anything.  <br />  ]]></content:encoded>
  192. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/how-to-thoroughly-confuse-your-customers-ibm-edition.htm</wfw:commentRss>
  193. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/how-to-thoroughly-confuse-your-customers-ibm-edition.htm?opendocument&amp;comments</wfw:comment>
  194. </item>
  195. <item>
  196. <title>An open letter to the new ICS GM Inhi Cho Shu</title>
  197. <pubDate>Wed, 23 Mar 2016 06:55:01 -0400</pubDate>
  198. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/an-open-letter-to-the-ics-gm-inhi-cho-shu.htm</link>
  199. <category>ibm</category>
  200. <dc:creator>Darren Duke</dc:creator>
  201. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/an-open-letter-to-the-ics-gm-inhi-cho-shu.htm?opendocument&amp;comments</comments>
  202. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/an-open-letter-to-the-ics-gm-inhi-cho-shu.htm</guid>
  203. <content:encoded><![CDATA[ First, let me congratulate you on your new appointment. I wish you ever success. However, I have some concerns about the division (is that that word?) you have just taken over. There really are no avenues to get these to you so I figured this was as good a place as any to try and outline my thoughts..... <br /> <br /> 1) The schedule for new on-prem software releases requires much more regularity. Thinking Notes and Domino here. See this post as to why <a href="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/9.0.2-where-for-art-thou-ibm-has-truly-lost-the-plot-this-time.htm" title="9.0.2-where-for-art-thou-ibm-has-truly-lost-the-plot-this-time.htm" target="_blank"/>9.0.2 Where for art thou?</a>. <br /> <br /> 2) The IBM process for buying/on-boarding/using cloud stuff is totally insane. I could outline those here but Gavin Bollard did an excellent job <a href="http://dominogavin.blogspot.com/2016/03/buy-or-die-trying-ibm-connections-story.html"><span style="text-decoration:underline">here</span></a> and <a href="http://dominogavin.blogspot.com/2016/03/the-trouble-with-ibm-connectionscloud.html"><span style="text-decoration:underline">here</span></a>. You can learn a lot by trying to buy what you sell. I would suggest everyone fully read Gavin's posts at least twice, you are likely to miss something if you only read them once. <br /> <br /> 3) (The seemingly ignored issues of) Verse on-prem and the future of the Notes client need to be addressed so that customers and partners can prepare. <br /> <br /> 4) The constant renaming of products makes finding anything on Passport Advantage (already a nightmare) even more difficult. While we're on this please try navigating the aforementioned Passport Advantage in the shoes of a customer. Customers have no idea what they have, need or use anymore. Some in your organization seem to think that renaming will fix things for the "Lotus" brand. It does not. Only doing things that your customers (and maybe even someday, potential customers) need addressed will do that. <br /> <br /> 5) Support is broken. Badly. Although really, I don't think this can be fixed. It seems too far gone. <br /> <br /> 6) Find the dissenters and the naysayers and talk to them. You can learn a lot from the "WTF is IBM thinking/doing?" crowd. <br /> <br /> 7) Look and use your competition's software. You'll see some shocking holes in functionality in IBM's offerings when you do. For example, IBM is being outmaneuvered by Office365. Figure out why (or ask) and see what can be done to address these failings. <br /> <br /> While this is not everything, I wanted to keep this post at a 50,000 foot level and not get into the weeds. Again, as with everyone else in this community, I wish you every success in your new endeavor. <br /> <br /> Darren Duke. <br />   ]]></content:encoded>
  204. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/an-open-letter-to-the-ics-gm-inhi-cho-shu.htm</wfw:commentRss>
  205. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/an-open-letter-to-the-ics-gm-inhi-cho-shu.htm?opendocument&amp;comments</wfw:comment>
  206. </item>
  207. <item>
  208. <title>Real badgers....</title>
  209. <pubDate>Tue, 22 Mar 2016 14:54:06 -0400</pubDate>
  210. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/real-badgers.htm</link>
  211. <category></category>
  212. <dc:creator>Darren Duke</dc:creator>
  213. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/real-badgers.htm?opendocument&amp;comments</comments>
  214. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/real-badgers.htm</guid>
  215. <content:encoded><![CDATA[ In no way related to IBM Badges........ (although this could be what is at the non-customer end of a PMR) <br /> <br /><img  alt="Image:Real badgers,,,,," border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/real-badgers.htm/content/M2?OpenElement" />  ]]></content:encoded>
  216. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/real-badgers.htm</wfw:commentRss>
  217. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/real-badgers.htm?opendocument&amp;comments</wfw:comment>
  218. </item>
  219. <item>
  220. <title>The 2015 Snarky Review</title>
  221. <pubDate>Mon, 11 Jan 2016 12:48:54 -0400</pubDate>
  222. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/the-2015-snarky-review.htm</link>
  223. <category>misc</category>
  224. <dc:creator>Darren Duke</dc:creator>
  225. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/the-2015-snarky-review.htm?opendocument&amp;comments</comments>
  226. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/the-2015-snarky-review.htm</guid>
  227. <content:encoded><![CDATA[ Firefox started at 34, ended at 43 (which also seemed to break everything). <br /> <br /> Chrome started at 39, ended at 47. <br /> <br /> IE, 11 and 11 (or Edge depending on your OS). <br /> <br /> My browser preference has changed. I'd love to still use Firefox (as they give a shit about privacy) but it's performance compared to Chrome is laughably right now. So Chrome it is (hangs head in shame)... <br /> <br /> IBM finally grasped that web security in Domino is important. We got SHA2, TLS1.2, OCSP, HSTS and modern ciphers. Only in R9, but we have new stuff! &nbsp;<br /> <br /> Speaking of IBM, what on earth are they doing with (to?) N/D 9.0.2? This is truly a let down of epic proportions. I'll never learn will I? <br /> <br /> Speaking of never learning, ConnectED 2015 looks to be both mine and IBM's last ConnectED. It's being renamed (come on that can't be a surprise...this is IBM we're talking about here) to Connect. A bit Deja Vuie but I guess that can reuse all the Connect 2013 signs and merchandise by just using whiteout and sharpie markers. It'll save them a fortune. I used to think IBM renamed things in a time of crisis, but surely, no company can be in perpetual crisis, right? <br /> <br /> Speaking of ConnectED 15, it was also last time the conference would be held at the Swan and Dolphin. Hopefully the new location have a 24 hour restaurant and a karaoke bar. <br /> <br /> Speaking of ConnectEd 15, it was also my last one, I'm abstaining. Not going. Pulling off the band-aid as it were. I hope any that actually pay for it get huge value for money, but if you don't try MWLUG. (the reason this is on here is that I decided this back in September....) <br /> <br /> Speaking of MWLUG, the biggest yet was held in ATL. A great success and a phenomenal conference. Good times. And we found a karaoke bar around the corner. <br /> <br /> Windows 10 came along in 2015. I can tell because any time I fire up a non-domain joined PC MS tells me so. The "prompts" are almost malware-like in their insistence. I upgraded one. I was NOT a fast upgrade. It's free upgrade for most, and by that MS means "free" as in "we're free to keep you encryption keys free". <br /> <br /> Speaking of never learning.....It's now been over three years since the demise of This Week In Lotus. Stuart has a new one you know? For real! <br /> <br /> I broke down and replaced my trusty iPhone 5 with a 6 Plus. Not going back. The battery life alone is worth it and apparently the screen is much bigger. <br /> <br /> Big IT has been busy splitting itself into smaller, more manageable pieces (except IBM, they know something no one else does). We've seen Symantec and HP both cleaved in half. Crap, even Google kind of did too. <br /> <br /> This was the year of "chip and PIN" cards in the US. Except you don't need a PIN to complete the transaction. US banks think the customers are too stupid to remember a 4 digit PIN, Apparently they think the customer service costs and the likelihood the customer would move to a non-PIN banking competitor was more a cost than the fraud. MBAs and their spreadsheets doom us all. And it seems as though this rule is only for credit cards?....my debit cards are still mostly chip-less. <br /> <br /> I actually made it (finally) to Canada (during a really, really, really bad blizzard.....I buried my rental in a snow bank). It's kind of shocking that this is the first time I've been to Canada, but I can't recall ever going there before. <br /> <br /> I can still count on the fingers of no hands how many CCM installations I've ever seen. <br /> <br /> I was in the same building as Scarlett Johansson, Robert Downey Jr and Chris Evans (Captain America, not the irritating radio DJ from the UK). <br /> <br /> Technologies that made 2015 KeePass, HAProxy, Apache, NGinX and SHA2. <br /> <br /> Technologies that should have made 2015.... 9.0.2 and Hawthorn.   ]]></content:encoded>
  228. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/the-2015-snarky-review.htm</wfw:commentRss>
  229. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/the-2015-snarky-review.htm?opendocument&amp;comments</wfw:comment>
  230. </item>
  231. <item>
  232. <title>If you get page errors after disabling HTTPEnableConnectorHeaders in Domino, try this</title>
  233. <pubDate>Mon, 2 Nov 2015 03:53:28 -0400</pubDate>
  234. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/if-you-get-errors-after-disabling-httpenableconnectorheaders-try-this.htm</link>
  235. <category>domino</category>
  236. <dc:creator>Darren Duke</dc:creator>
  237. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/if-you-get-errors-after-disabling-httpenableconnectorheaders-try-this.htm?opendocument&amp;comments</comments>
  238. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/if-you-get-errors-after-disabling-httpenableconnectorheaders-try-this.htm</guid>
  239. <content:encoded><![CDATA[ If you are wondering why you want to disable HTTPEnableConnectorHeaders go read Jasper Kiaer's <a href="http://nevermind.dk/nevermind/blog.nsf/subject/security-hole-leaves-ibm-domino-server-wide-open---part-two"><span style="text-decoration:underline">excellent post</span></a> on why this maybe the worst security hole in Domino ever. Yes, ever. <br /> <br /> So now you've sent HTTPEnableConnectorHeaders=0 in the server notes.ini (make sure the setting has taken with a "show config http*" in the server console). You restart HTTP on Domino and you get this when you try to access the server: <br /> <br /> <blockquote>Request contains an HTTP header that does not contain a colon</blockquote> <br /> <br /> Then you also need to disable the headers in Apache or Nginx. For Apache comment out or delete lines that look like this (in fact anything that contains the evil $WSxx headers): <br /> <br /> <blockquote>RequestHeader set $WSRA "%{CLIENTIP}e" <br /> RequestHeader set $WSRH "%{CLIENTIP}e" <br /> </blockquote> <br /> <br /> For Nginx remove or comment out the following (again, also any other $WSxx you may have): <br /> <br /> <blockquote>proxy_set_header &nbsp; &nbsp; &nbsp; &nbsp;$WSRA &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;$remote_addr; <br /> proxy_set_header &nbsp; &nbsp; &nbsp; &nbsp;$WSRH &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;$remote_addr; <br /> proxy_set_header &nbsp; &nbsp; &nbsp; &nbsp;$WSSN &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;$host; <br /> proxy_set_header &nbsp; &nbsp; &nbsp; &nbsp;$WSIS &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;True; <br /> </blockquote> <br /> <br /> Once you do that restart your reverse proxy of choice. <br /> <br />   ]]></content:encoded>
  240. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/if-you-get-errors-after-disabling-httpenableconnectorheaders-try-this.htm</wfw:commentRss>
  241. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/if-you-get-errors-after-disabling-httpenableconnectorheaders-try-this.htm?opendocument&amp;comments</wfw:comment>
  242. </item>
  243. <item>
  244. <title>Free SSL certificates. Yes free (for most domains)</title>
  245. <pubDate>Thu, 1 Oct 2015 08:11:46 -0400</pubDate>
  246. <link>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/free-ssl-certificates.-yes-free-for-most-domains.htm</link>
  247. <category>security</category>
  248. <dc:creator>Darren Duke</dc:creator>
  249. <comments>https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/free-ssl-certificates.-yes-free-for-most-domains.htm?opendocument&amp;comments</comments>
  250. <guid isPermaLink="true">https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/free-ssl-certificates.-yes-free-for-most-domains.htm</guid>
  251. <content:encoded><![CDATA[ There are times when a SSL certificate would be nice but not economical. Like for this blog for example. I'm hardly going to splurge $100+ on SSL certificate "just because", and "SSL everywhere" and Google ranking be damned. <br /> <br /> But here are options out there to get <strong>free</strong> Class 1 SSL certificates from a trusted root certifier. <a href=https://www.startssl.com/><span style="text-decoration:underline">StartSSL</span></a> will provide you a free 1 year SSL for most domains (anything with the word financial in the domain is not allowed, and I'm sure there are more rules than that). &nbsp;As they say on their website..... <br /> <br /> <img  alt="Image:Free SSL certificates. Yes free (for most domains)" border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/free-ssl-certificates.-yes-free-for-most-domains.htm/content/M2?OpenElement" /><br /> <br /> I've been using StartSSL for a while now (at least a year, and this blog is using a StartSSL Class 1) and they do what they say. Now, you can't revoke a free one, that costs money. But for a simple blog web site they fit the bill perfectly. They also have SSL Class 2 for unlimited and wildcards for $59/year. Not too bad. <br /> <br /> Now the security conscious readers will no doubt know about the <a href="https://letsencrypt.org/2014/11/18/announcing-lets-encrypt.html"><span style="text-decoration:underline">Let's Encrypt</span></a> program which aims to provide a completely free certificate authority but it's not quite there yet (they need to get the root added to different browsers, although you can install the root yourself if the fancy takes you). Once the CA root is in the browsers this may even eclipse StartSSL for those needing free SSL certificates. <br /> <img  alt="Image:Free SSL certificates. Yes free (for most domains)" border="0" src="https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/free-ssl-certificates.-yes-free-for-most-domains.htm/content/M3?OpenElement" /><br /> <br /> The prices that some of the SSL vendors charge (ahem, Symantec...) is ridiculous. StartSSL and Let's Encrypt deserve some serious kudos for tipping this critical market seemingly controlled by cartels on it's head. The SSL future is looking a lot brighter and much less like an economic burden.   ]]></content:encoded>
  252. <wfw:commentRss> https://blog.darrenduke.net/Darren/DDBZ.nsf/dxcomments/free-ssl-certificates.-yes-free-for-most-domains.htm</wfw:commentRss>
  253. <wfw:comment> https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/free-ssl-certificates.-yes-free-for-most-domains.htm?opendocument&amp;comments</wfw:comment>
  254. </item>
  255. </channel></rss>
  256.  

If you would like to create a banner that links to this page (i.e. this validation result), do the following:

  1. Download the "valid RSS" banner.

  2. Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)

  3. Add this HTML to your page (change the image src attribute if necessary):

If you would like to create a text link instead, here is the URL you can use:

http://www.feedvalidator.org/check.cgi?url=http%3A//blog.darrenduke.net/Darren/DDBZ.nsf/feed.rss

Copyright © 2002-9 Sam Ruby, Mark Pilgrim, Joseph Walton, and Phil Ringnalda