Skip to main content link. Accesskey S
  • HCL Logo
  • HCL Notes and Domino wiki
  • THIS WIKI IS READ-ONLY. Individual names altered for privacy purposes.
  • HCL Forums and Blogs
  • Home
  • Product Documentation
  • Community Articles
  • Learning Center
  • API Documentation
Search
Community Articles > Lotus Domino > Domino admin > Why do I see weird results when connecting to the Domino Java Console in a browser?
  • Share Show Menu▼
  • Subscribe Show Menu▼

Recent articles by this author

Best practices for setting up optimal performance of Domino server

The overall business objective of this document is to identify area of potential improvement and provide recommendations in effort to increase the performance of the existing Domino servers.

Why I did not get a 'No matching web site' error when there is no matching internet site?

How the internet site behave when duplicate web site present

Why do I see weird results when connecting to the Domino Java Console in a browser?

"About those funny characters when connecting to the Java Console in a browser"

overview of causes of server Crash hangs due to "Recovery Manager: Log file is full" message

What does this error mean? What maybe the impact? What to look for when the error occurs? What can the customer do to restore the service ASAP? What can be done to prevent this from recurring?
Community articleWhy do I see weird results when connecting to the Domino Java Console in a browser?
Added by ~Hal Prenugenynds on August 26, 2016 | Version 1
  • Actions Show Menu▼
expanded Abstract
collapsed Abstract
"About those funny characters when connecting to the Java Console in a browser"
Tags: Domino webserver troubleshooting


When I connect to Domino on port 2050 in Chrome I found Funny things file with the extension .file get automatically downloaded.

When use chrome I see


When used Firefox I see as below:


I've reproduced this with both Firefox and Chrome. In Firefox, it tries to display the data that has come back in the browser window itself. It
tries it's best to show the data as five boxes and a diamond with a question mark inside of it. Chrome on the other hand saves this
non-HTML data as a download. Looking at that file with a hex editor I can see the following data:

0x15 0x03 0x01 0x00 0x02 0x02 0x0a

If you look carefully at the boxes in Firefox, you can see these numbers in the boxes. As there is no Unicode character for these locations, it
shows the box with the numbers in it.

"While this looks odd, it is not a security issue. When the browser connects to port 2050 and sends an HTTP request over a non-secure connection,
the server is responding with the following byte sequence because the server was expecting a TLS Client Hello message:

0x15 0x03 0x01 0x00 0x02 0x02 0x0A

The SSL/TLS RFCs specify that a close_notify alert message is sent on a TLS channel when closing the connection. This lets us know why the
connection was closed. That is what this byte sequence is, essentially the TLS layer saying 'didnt understand?'. After sending this data the connection is
closed by the server and no other data is sent/exposed. The Java console will only allow connections via TLS 1.2 and only provides two
very high security protocols for the other end to choose from.

Here is what the byte sequence returned to the browser means:

Byte 0x15 This is a TLS Alert
Bytes 0x03 0x01 TLS v1.0, lowest common denonomator since we did not
receive a TLS Client Hello
Bytes 0x00 0x02 Length of payload (hard coded to 2)
Byte 0x02 Alert Level Fatal (no recovery)
Byte 0xA Unexpected message - received an HTTP request which
is not a valid TLS Client Hello


To understand the alert protocol, you can review this Wikipedia entry:

https://en.wikipedia.org/wiki/Transport_Layer_Security#Alert_protocol


If you instead sent your browser to connect on Https

https://server.com:2050

You will get something (at least in Firefox) that looks disturbing. Firefox complains about the site's security! However, if you go further
into the error message, you see the real problem is that there are no cipher suites in common. That only means that Firefox does not
currently support these two ciphers. It does not mean the connection is in any way insecure when used by the Java console.


Full list of cipher suites supported by the java Console


We use the following two ciphers for the Java console (the beginning SSL can also be TLS, no difference, same cipher)

SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384
SSL_RSA_WITH_AES_256_GCM_SHA384

The cipher to be used is chosen in that order, and as we control both sides, this means that in practice, the chosen cipher will be the first
one offered (as both sides know this cipher):

SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA38

  • Actions Show Menu▼


expanded Attachments (0)
collapsed Attachments (0)
Edit the article to add or modify attachments.
expanded Versions (1)
collapsed Versions (1)
Version Comparison     
VersionDateChanged by              Summary of changes
This version (1)Aug 26, 2016, 4:34:18 AM~Hal Prenugenynds  
expanded Comments (0)
collapsed Comments (0)
Copy and paste this wiki markup to link to this article from another article in this wiki.
Go ElsewhereStay ConnectedAbout
  • HCL Software
  • HCL Digital Solutions community
  • HCL Software support
  • BlogsDigital Solutions blog
  • Community LinkHCL Software forums and blogs
  • About HCL Software
  • Privacy
  • Accessibility