You have probably received this from IBM, but if not.....
==================================
This note contains links (URLs) to technical support documents (technotes) related to an issue affecting IBM Lotus Domino customers. You are receiving this notification because you are a customer who has called us for technical support in the past. If you do not wish to receive notifications like this one on other topics in the future, please reply to this email and change the Subject field to: unsubscribe <e-mail address>, e.g. unsubscribe
![[email address]](?emailimage=df297b024e9606e9eb61ba8669f8ab5f)
in. This is a special mailing separate from regular Frequently Asked Questions (FAQ) mailings to urgently provide information about this expiration situation.
What is happening
The certificate for some Java applets in Lotus Domino 6.5.x, Domino 7.0.x, Domino 8.0.x, and Domino 8.5 have an expiration date of May 18, 2009. Starting May 19th, Web users will see a dialog with a message similar to one of the following when loading a Web page that contains a Java applet from the Domino server:
"The digital signature was generated with a trusted certificate but has expired or is not yet valid."
"The security certificate has expired or is not yet valid."
This issue can occur even if IBM is set up as a trusted publisher in the browser.
What does this mean
Please be assured that this message does not mean security has been compromised. It simply reflects the expiration of the signature originally provided in the security certificate used with certain Domino applets. You can find an explanation in the following technote:
Title: "Security certificate expiration messages generated from Domino applets (May 18, 2009)"
URL:
IBM - Security certificate expiration messages generated from Domino applets (May 18, 2009)
Action needed to resolve
To resolve the situation, you have three options: (1) Instruct users to "Always Trust" content from IBM, (2) if using Domino 7.x, upgrade to Domino 7.0.4, or (3) download and apply fixes. IBM recommends that you replace the affected Jar files (option 3) as described in the following download document for any supported release of Domino:
Title: "Download re-signed Java applets for Lotus Domino (May 18, 2009)"
URL:
IBM - Download re-signed Java applets for Lotus Domino (May 18, 2009)
Alternatively, an interim fix will be posted to Fix Central for the latest Modification and Fix Pack levels by May 8th. These include Domino 6.5.6 FP3, 7.0.3 FP1, 7.0.4, 8.0.2 FP1, and 8.5.0. If you're not running one of these releases, access the download document above, which provides fixes for all supported release levels.
General Self-Help Resources
Here are links to other ways that you can access IBM Lotus Notes & Domino self-help support information on the Web:
1. My Support (
IBM Software Support - Overview)
2. Lotus Support is just a click away (
http://www.ibm.com/software/lotus/support/clickaway/); learn more about Lotus Software Self-Assist Options.
3. IBM Software Support Site design update (
IBM Software Support - Overview)
4. New Lotus Notes Domino Wiki (
Lotus Notes and Domino wiki)
5. Fix Central (
IBM Support: Fix Central)
Sincerely,
The IBM Lotus Notes & Domino Team
==================================
This note contains links (URLs) to technical support documents (technotes) related to an issue affecting IBM Lotus Sametime customers. You are receiving this notification because you are a customer who has called us for technical support in the past. If you do not wish to receive notifications like this one on other topics in the future, please reply to this email and change the Subject field to: unsubscribe <e-mail address>, e.g. unsubscribe
in. This is a special mailing separate from regular Frequently Asked Questions (FAQ) mailings to urgently provide information about this expiration situation.
What is happening
The Lotus Sametime Meeting Server applets are signed with a VeriSign certificate that is valid between May 15, 2006 and May 18, 2009. To prevent users who load any of the Sametime applets such as the Meeting Room Client or Directory applet from seeing a warning message as of May 19th, IBM recommends that you apply the fixes provided in the technote (link) below. Otherwise, starting May 19th, Web users will see a dialog with a message similar to one of the following when loading a Web page that contains a Java applet from Sametime:
"The digital signature was generated with a trusted certificate but has expired or is not yet valid."
"The security certificate has expired or is not yet valid."
This issue can occur even if IBM is set up as a trusted publisher in the browser.
What does this mean
Please be assured that this message does not mean security has been compromised. It simply reflects the expiration of the signature originally provided in the security certificate used with certain Sametime applets. You can find an explanation in the following technote:
Title: "Sametime applets signer certificate expires on 18 May 2009"
URL:
IBM - Sametime applets signer certificate expires on 18 May 2009
Action needed to resolve
To resolve the situation, you may download fixes from Fix Central and apply them to your system. The technote above provides release specific links, which we recommend you follow. The generic link to the Fix Central main page is:
Title: "Fix Central"
URL:
IBM Support: Fix Central
General Self-Help Resources
Here are links to other ways that you can access IBM Lotus Sametime self-help support information on the Web:
1. My Support (
IBM Software Support - Overview)
2. Lotus Support is just a click away (
http://www.ibm.com/software/lotus/support/clickaway/); learn more about Lotus Software Self-Assist Options.
3. IBM Software Support Site design update (
IBM Software Support - Overview)
4. New Lotus Sametime Wiki (
Lotus Sametime wiki)
5. Fix Central (
IBM Support: Fix Central)
Sincerely,
The IBM Lotus Sametime Team
==================================
Quick shout for the IBM Lotus Domino / SameTime Admins
