IBM Domino SSL Keyring File access error when using SMTP TLS

Problem

When using SMTP TLS, the IBM Domino server shows the following error in the log file:
SSL Error: Keyring File access error

Solution

When engaging the STARTTLS command, the Domino server looks in the default location for the Keyring file with the default name: keyfile.kyr and keyfile.sth. The location is the data root specified for the Domino server.

References

Notes/Domino 6 and 7 Forum


LDAP Authentication with IBM Domino Server 8.5.1

Problem

When using a complex email infrastructure, multiple email servers are involved usually. The core servers typically take care of managing the data that users access in their day to day activities. Other servers can be used for SPAM/Virus filtering, archival, store and forward functions. It is important for all these servers to be able to synchronize the list of valid users. The IBM Domino Server is perfect for this. For each organization, email administrators can configure a virtual LDAP server that handles the needs for authentication and user list synchronization.

Solution

In order to authenticate the the LDAP server on IBM Domino, the following steps are needed:

  • In the server configuration, under Web / Internet Sites, configure an LDAP server for your organisation
  • In the LDAP client that you want to connect from, specify the admin user for the connection as follows:
    CN=User Name of Administrator/O=Organization Name
  • To retrieve the valid email users, you can use this query:
    Srtring: (|(mail=*@%s)(proxyAddresses=smtp:*@%s))
    Attributes: mail, proxyAddresses