I recently stumbled upon an SSL error after upgrading a development web server from domino 9.0.1 to 10.0.1. The server uses multiple virtual server documents to distinguish certain settings between different hostnames. Following error popped up when accessing the server via HTTPS: Error code: SSL_ERROR_NO_CYPHER_OVERLAP
1 SSL error in Firefox
After taking a close look into the virtual server documents, it turns out that they most likely forgot to update the mask with the new SSL cipher configuration introduced in Domino 10.0 (contrary to the updated server and internet site documents, where it works like a charm). Setting the 9.0.1 cipher configuration again via notes.ini (SSLCipherSpec) didn’t work, the virtual servers would only offer those very old ciphers shown in the screenshot. No modern browser will accept them.
2 Virtual server cipher configuration
A quick look into the documentation didn’t help either. The cipher configuration is only described for server and internet site documents.
Quick fix to make the boss happy
So, I figured, maybe it works when I just put the values in the appropriate field and see what happens. And indeed, it worked.
So here is the workaround:
Replace the values with your desired ciphers and restart the http task. No warranty though, this workaround is only for testing purposes.
Any suggestions or questions? Call us at +49(0)5251-288160 or send an e-mail to firstname.lastname@example.org.