Jump to main content
Welcome to the documentation for the HCL Domino Early Access Program
The HCL Domino® Early Access Program is a new program that is intended to give you the chance to test new product features early in the development cycle.
New features in the current drop
The current drop of the HCL Domino® Early Access Program available on November 9, 2020 introduces the following features and enhancements.
These are the security features and enhancements provided through the Early Access program.
Automating certificate management
HCL Domino® 12 introduces a new server task, Certificate Manager (CertMgr), that works with a new database, Certificate Store (certstore.nsf) to automate generation of TLS certificates from the Let's Encrypt® certificate authority (CA) or another third-party CA.
Time-based one-time password (TOTP) authentication
When users log on to a Domino Web server, you can require that they provide time-based one-time passwords in addition to their user names and passwords.
TLS 1.0 is disabled by default
This Early Access drop disables Domino's support for TLS 1.0 by default, leaving TLS 1.2 as the currently supported TLS protocol version.
Support for PEM-formatted TLS host keys and certificates
When configuring a Server document or Web Site document with a path to a keyring file, administrators can now specify text files containing PEM-formatted keys and certificates instead of ".kyr" files in the proprietary format.
New template signing ID uses 2048-bit keys
A new template signing ID, CN=Domino Template Development/O=Domino, provides stronger encryption using 2048-bit keys. Templates that ship with Notes and Domino 12 will be signed with the new ID.
Two new curves supported for TLS 1.2 ciphers that use ECDHE for forward secrecy
The TLS 1.2 ciphers that use Ephemeral Elliptic Curve Diffie-Hellman (ECDHE) for forward secrecy now support two new curves for forward secrecy: X25519 and X448.
The new Domino directory design (pubnames.ntf) provides several stand-alone enhancements that improve usability for administrators.
Enhancements to Mail-In Databases usability
The Mail-In Databases and Resources view now displays the internet addresses of mail-in databases that have them. In addition, it includes a Go to Database button to open mail-in databases from the view.
Custom criteria to populate groups
When you create a group in the Domino directory, you can now populate the members of the group based on an LDAP search query.
Older security options are no longer selectable
630-bit and 512-bit public key options are no longer available to apply to Notes IDs. The "4.6 or greater" password verification option is no longer available to apply for internet password strength.
HEX codes displayed for TLS ciphers
As a convenience to administrators, HEX codes are shown next to the symbolic names for the TLS ciphers that can be selected in various fields in the Domino directory.
Applets no longer used
Applets are not longer used to display the navigational outline of the Domino Directory or action buttons such as Add Person.
Button to see all Configuration Settings documents associated with a server
From an open Server document you can click the Find Server Config button to see all of the Configuration Settings documents associated with the server.
Button to find all groups a users belongs to
From an open Person document you can click the Find Groups button to see all of the groups that a user belongs to, including groups they are members of through other groups.
Lists of notes.ini settings sorted alphabetically
Lists of notes.ini settings are shown in alphabetical order wherever they occcur in the Domino directory.
Explicitly select the methods to use in Web Site documents
For improved security, administrators now explictly select the HTTP methods to enable in Web Site documents.
This topic describes the enhancements to the Domino Attachment and Object Service (DAOS).
Attachment consolidation
The Domino® server employs the Domino Attachment and Object Service (DAOS) to save significant space at the file level by sharing data identified as identical between databases (applications) on the same server.
Database quota settings replicate
When administrators enable, disable, or modify quotas on a database on an HCL Domino® 12 server, the quota settings replicate to other replicas on Domino 12 servers.
The following LotusScript and Java methods are added.
Database transaction methods for LotusScript and Java
New LotusScript and Java methods are provided for the Database class to record database transactions.
Formula Language in DQL search terms
In HCL Domino® 12, Formula Language can be used in Domino Query Language (DQL) search terms.
HCL Domino® includes a Docker-compatible Red Hat Universal Base Image (UBI) of Domino that is part of your entitlement and available for download through the HCL Licensing Portal. HCL Domino is pre-installed on this image, allowing you to deploy Domino servers as containers with just a few commands.
Domino on Docker requirements
Understand the requirements and current limitations for Domino on Docker.
Types of Domino containers
Use the docker run command to create a container that runs Domino. You can create the following types of Domino containers, based on the docker run arguments that you specify.
Docker run command arguments
To create containers for Domino, you use the the docker run command with the following arguments.
Creating a secrets file for a password-protected server ID
If a Domino server ID is password-protected and you run the Domino container in detached mode where an administrator cannot input the password directly, create a secrets file to store the password. The Domino server reads the password from the secrets file.
Deploying a new Domino server on Docker
To deploy a new Domino server in a Docker container, complete the following steps.
Upgrading a containerized Domino server
Upgrading a containerized Domino server is done differently than upgrading a non-containerized server.
Creating a container to run Domino processes with the server down
If you need to run Domino processes such as fixup or updall when the server is down, create a specialized container.
Useful Docker commands
Following are descriptions of some Docker commands that are useful for interacting with containers.