Certificates for Java applets in Lotus Domino are expiring
Next Monday the security certificates used for signing Java applets in Lotus Domino, Quickplace, Quickr, and Sametime will expire. From Tuesday, the 19th of May, any users who access these servers via their web browsers will be confronted with an error message. While, according to IBM, neither the applets' functionality nor their security is compromised, the error messages will cause irritation.
Java applets are not used by all Domino applications. For example, recent versions of the webmail interface don't use them at all. On the other hand a whole range of templates do use this technology. The Sametime server, for example, uses a background applet to display presence information. IBM organised three conference sessions to clarify the details, and an audio recording of these sessions is available.
IBM is offering updated JAR files to download for the affected servers. Alternatively, admins can update their servers to the latest maintenance version. However, the updated versions are only available for servers which are still being maintained. Embarrassingly, the latest Domino version 8.5 is among those affected. When searching for fixpacks, IBM's Fixcentral is a good first port of call.