Problem importing certificates into keyring with LE4D after upgrade to Domino V11.0.1

Due to an issue with the JVM installed with Domino V11.0.1, LE4D throws an error when the tool tries to import the new / renewed certificate into the Domino keyring file.
The agent calls the kyrtool and passes the required parameters to the tool.
On the Domino V11.0.1 console, you will see an error

13.04.2020 06:48:52 Agent error: java.io.IOException: Cannot run program "cmd.exe": Malformed argument has embedded quote: "d:\domino\kyrtool.exe" create -k "d:\domino\data\eknori_staging.kyr"
13.04.2020 06:48:52 Agent error: at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)
13.04.2020 06:48:52 Agent error: at java.lang.Runtime.exec(Runtime.java:621)
13.04.2020 06:48:52 Agent error: at java.lang.Runtime.exec(Runtime.java:486)
13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.tools.CommandProcessor.executeCommand(CommandProcessor.java:11)
13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.manager.Le4dManager.runKyrTool(Le4dManager.java:623)
13.04.2020 06:48:52 Agent error: at de.midpoints.le4d.manager.Le4dManager.run(Le4dManager.java:205)
13.04.2020 06:48:52 Agent error: at de.midpoints.MPStarter.NotesMain(MPStarter.java:16)
13.04.2020 06:48:52 Agent error: at lotus.domino.AgentBase.runNotes(Unknown Source)
13.04.2020 06:48:52 Agent error: at lotus.domino.NotesThread.run(Unknown Source)
13.04.2020 06:48:52 Agent error: Caused by:

The problem is not in the code itself, because it runs on Domino V9.0.1FP10 and also on Domino V10.x and also on Domino V11. It seemed to stop working after upgrading the server to V11.0.1

I searched for the error on Google and found some references to it. The cause of this error is due to the Java update mentioned here: https://www.oracle.com/technetwork/java/javase/13-0-1-relnotes-5592797.html#JDK-8221858

To fix the error in Domino V11.0.1 do the following

If not already in place, create a new text file javaOptions.txt in the DominoDataDir
Add the following line to the javaOptions.txt file ( If you already have a javaOptions file, append the new entry to the existing lines in the file)
-Djdk.lang.Process.allowAmbiguousCommands=true
Save javaOptions.txt
Add the following line to the server notes.ini
JAVAOPTIONSFILE=DominoDataDir/javaoptions.txt
Restart the server

When you now run the LE4D tool, everything should work!

Post Views: 677

2 thoughts on “Problem importing certificates into keyring with LE4D after upgrade to Domino V11.0.1”

Andy Brunner - April 13, 2020 at 10:08 am /

Thanks a lot for this early warning. Just applied this fix to the servers upgraded yesterday.
Peter Schulte-Zurhausen - May 22, 2020 at 2:37 pm /

This issue happens also to Domino Version 10.0.1 FP5

Comments are closed.

eknori.de

the weird world of eknori

Problem importing certificates into keyring with LE4D after upgrade to Domino V11.0.1

2 thoughts on “Problem importing certificates into keyring with LE4D after upgrade to Domino V11.0.1”