Domino Server Controller does not connect after upgrade to Java6SR16FP20
Daniel Nashed – 16 February 2016 17:33:18
The IBM Java Team disabled MD5 in there latest patch to tighten security. But the Server Console currently can only use MD5 right now. So by this intentionally change by the IBM Java Team the Domino Console cannot connect any more.
For now to have the Server Controller local and remotely working again you have to re-enable MD5.
This is a similar issue than what we had when the IBM Java team disabled SSLV3 some time ago.
There are two lines that you have to change in the ..jvm/lib/security/java.security file.
You have to remove MD5 from the disabled algorithms for now:
jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
There is currently no other work-around for Windows. On Linux you could use the "monitor" command when using my start script and disable the server controller.
-- Daniel
- Comments [5]
1Lars Berntrop-Bos 17.02.2016 8:01:30 Domino Server Controller does not connect after upgrade to Java6SR16FP20
That brings back memories of an earlier mishap in the same area not too long ago, 9.0.1 FP3. You'd think they learned and added this test to the suite...
Hope to enjoy your company at Engage!
2Milan Matejic 17.02.2016 8:26:08 Domino Server Controller does not connect after upgrade to Java6SR16FP20
Thank you very much! :-)
3Martin Ziegler 19.02.2016 6:56:12 Domino Server Controller does not connect after upgrade to Java6SR16FP20
IBM has also released an article about this issue:
{ Link }
4Gunleif Raeg 18.03.2016 8:42:50 Domino Server Controller does not connect after upgrade to Java6SR16FP20
Thanks, very helpful :-)
IBM couldn't help me, you found the solution for me.
5Ben Rose 21.05.2016 13:14:33 Domino Server Controller does not connect after upgrade to Java6SR16FP20
FYI, they broke this again in FP6. No workaround at all.
SSLV3 is gone, MD5 is gone. The only protocol now is SHA-256 which isn't supported on the server side without a patch.
You cannot use 9.0.1 FP6 java console without upgrading every server in your organisation first.
I have a PMR open, sev 1 critsit, 01843,019,866 - if affected feel free to reference this PMR in your ticket to skip a lot of wasted time performing troubleshooting steps.