Daniel Nashed 27 July 2016 08:21:25
Domino 9.0.1 FP5 IF1 adds support for the Extended Master Secret Extension with TLS 1.2.
Windows 2008 R2 does only supports TLS 1.0 but still sends the Extended Master Secret Extension in the server helo.
Domino fails to connect because once this is offered Domino wants to use it.
There is a work-around to disable this new functionality globally on the server via notes.ini
This is just a work-around and the real fix would be that Microsoft provides a fix for Win 2008 R2 to not send the extension with the helo.
Later versions do support TLS 1.2 and do not have the issue.
See the following technote for details -> http://www.ibm.com/support/docview.wss?uid=swg21987608
- Comments