HCL Verse: Docs Viewer 404

by
Tags: Verse Connections Docs Let's encrypt certificate Cross Certify Domino Preview 404
Categories: HCL

Screenshot

The Problem

I have recently had an issue with preview from HCL Docs not working in my HCL Verse webmail. The error i got in my Google Chrome console was “Fail to transfer attachment to Docs Viewer: 404”. The HCL Docs version I’m running is: “HCL Connections Docs 2.0.1”

I did some google searching on the matter and one of the causes to the problem could be if “iNotes_WA_Security_NonceCheck=0” was set in notes.ini, mine didn’t contain that. I was back scratching my head since this had worked previously. I took a look in the documentation Integrating with HCL Connections Docs to see if I had missed something.

Enable Debugging

Debugging was enabled by adding the following parameters in <Domino>/data/domino/workspace/.config/rcpinstall.properties and restart HTTP task.

com.ibm.domino.attachservice.servlets.attachment.AbstractAttachmentAccessor.level=FINEST
com.ibm.domino.attachservice.servlets.level=FINEST

Logs will be made in <Domino>/data/domino/workspace/logs

The issue

<CommonBaseEvent creationTime=“2021-12-03T13:57:39.970+01:00” globalInstanceId=“EL7f00000200017d805e0b0a00000073” msg=“Certificate with subject CN=verse.example.com, issued by CN=R3, O=Let's Encrypt, C=US, is not trusted. Validation failed with error 3659.” severity=“30” version=“1.0.1”>"

This error message occurs when cross certification is not properly configured. Please ensure that certificate has been imported and cross certified into names.nsf. Here is the file I used Let’s Encrypt ROOT Certificate

Import the internet certificate:

  1. Launch Domino Administrator, connect to the service manager
  2. Open names.nsf of the service manager, navigate to Configuration -> Security -> Certificates
  3. On the menu bar click Actions -> Import Internet Certificates
  4. Locate the Internet certificate file, click “accept all” button in the dialog (if required), click on import successfully message

Create cross certificate:

  1. Locate the imported certificate in Internet Certifiers section. Double click to open it
  2. On the menu bar click Action -> Create Cross Certificate
  3. Click OK on the pop-up dialog
  4. Choose the correct cert ID and server
  5. Input the certifier password and click cross certify button
  6. You should be able to find the cross certificate in Internet Cross Certificates section

That did the trick and now preview is working again. All of this happened because I started using Let’s encrypt certificates in Domino 12