Home
Administering HCL Traveler
Information on planning, installing, configuring, and administering HCL Traveler.
Configuring HCL Traveler server
The HCL Traveler configuration settings are part of the Domino® server document. The first time that the HCL Traveler server is started, it performs any necessary configurations. You might want to perform additional configurations beyond the basics. The following topics describe additional configuration options.
HTTP
For increased security, HTTP traffic to and from the HCL Traveler server should be secured by enabling SSL or using a VPN. For SSL, at least the component that is terminating SSL connections from the clients should have SSL enabled. The SSL termination can be done at the proxy, load balancer, or IP sprayer layer (common when configuring high availability mode but also possible for single HCL Traveler server configurations) or Domino HTTP layer. Other layers beyond the SSL termination of clients' requests do not need to have SSL enabled too (HTTP is normally sufficient), but it is possible to have the other layers have SSL enabled for even greater security.
SSL ciphers
Many clients will not support older or more vulnerable SSL ciphers. These are generally not enabled on the HCL Domino server, but if a particular cipher needs to be disabled to avoid the clients from trying to use the cipher and encountering problems, the following procedures show how to disable them.

Administering HCL Traveler
Information on planning, installing, configuring, and administering HCL Traveler.
- Planning for installation and configuration
  There are many installation and configuration considerations you should review before installing the HCL Traveler server.
- Installing the HCL Traveler server
  The following topics describe options for installing and uninstalling the server:
- Configuring HCL Traveler server
  The HCL Traveler configuration settings are part of the Domino® server document. The first time that the HCL Traveler server is started, it performs any necessary configurations. You might want to perform additional configurations beyond the basics. The following topics describe additional configuration options.
  - HCL Traveler server settings
    You can configure a variety of HCL Traveler server settings, including server document settings and notes.ini settings.
  - HTTP
    For increased security, HTTP traffic to and from the HCL Traveler server should be secured by enabling SSL or using a VPN. For SSL, at least the component that is terminating SSL connections from the clients should have SSL enabled. The SSL termination can be done at the proxy, load balancer, or IP sprayer layer (common when configuring high availability mode but also possible for single HCL Traveler server configurations) or Domino HTTP layer. Other layers beyond the SSL termination of clients' requests do not need to have SSL enabled too (HTTP is normally sufficient), but it is possible to have the other layers have SSL enabled for even greater security.
    - HTTP authentication
      This section provides HTTP authentication information.
    - Manually configuring the HTTP server
      This topic includes a complete list of all Domino® HTTP configuration changes required to successfully start and run HCL Traveler. In general it is not necessary to make any manual configuration changes to the Domino server. However, in some environments the HCL Traveler server may not have write access to the Domino server document. In this case, add NTS_AUTO_CONFIG=false to the Notes®.ini file to suppress any error messages, and then make the required changes to the server document as specified in this topic.
    - SSL ciphers
      Many clients will not support older or more vulnerable SSL ciphers. These are generally not enabled on the HCL Domino server, but if a particular cipher needs to be disabled to avoid the clients from trying to use the cipher and encountering problems, the following procedures show how to disable them.
  - Setting the external server URL
    There are times when a device needs to connect to a link sent by the server. For example, downloading client files, web page URLs, and Apple encrypted mail retrieval. To make sure that the server sends an appropriate link that the device can use, you must first set the External Server URL field on the HCL Traveler tab in the Server document.
  - Configuring the server for Certificate Based Authentication with Android devices
    There are several reasons why companies may wish their users to authenticate using a client certificate. Admins can easily issue and revoke certificates using MDM solutions. There is no need for users to remember or provide credentials. And there is additional security with two factor authentication using the certificate.
  - Configuring the HCL Traveler High Availability Pool
    Configuring HCL Traveler to use a High Availability Pool requires special configuration steps.
  - Configuring Traveler for use with Outlook
    After installing the Traveler server, configure it for use with HCL Traveler for Microsoft™ Outlook (HTMO).
  - Setting auto sync options
    You can use auto sync options to maximize the battery life of mobile devices.
  - Tuning performance of the server
    This topic describes memory, thread, logging and other considerations for the performance of the HCL Traveler server.
  - Configuring ports for a partition
    HCL Traveler supports running on multiple Domino® partition servers on the same physical machine. The server must be configured to avoid port conflicts among the partition instances.
  - Converting Notes® document links to web links
    Notes® links that are contained in mail messages and viewed on HCL Traveler clients will now include an additional URL hotspot which points to the web address of the application server. It may be possible to open the linked application using a browser on the mobile device, similar to how applications can be opened using an iNotes® application.
  - Customizing the device configuration process for Apple
    There is no additional client code that must be installed on an Apple device for it to connect to an HCL Traveler server. However, you must configure the Microsoft™ Exchange account on the device so that it can use Exchange ActiveSync to connect to the HCL Traveler server. Apple devices can be configured either manually or by using profiles. This topic also describes how to customize profiles (also known as .mobileconfig files) to work in your environment.
  - Name lookup
    For HCL Traveler to function properly, it must be able to lookup user information. Depending on the type of lookup, a variety factors can change, including where the lookup is performed, what parameters are used on the lookup, and how long the results are cached.
  - Configuring corporate look up for devices
    The corporate look up feature of HCL Traveler allows mobile users to search for and find information about other users in the Domino® directory. It also allows them to find information using remote directories if directory assistance is configured. This is useful when a user must contact another person in the organization who is not in the user's local contact store.
  - Configuring and using out of office replies
    The out of office service can be managed from your Apple, Android, BlackBerry 10, or Windows™ Phone device.
  - HCL Traveler Companion security settings
    There are security settings available that control how Companion connects to the HCL Traveler server and how attachments in encrypted mails can be used on the mobile device.
- Administering HCL Traveler
  The HCL Traveler server component functions as a Domino® server add-in task and responds to Domino server console commands. Topics in this section describe common administrative tasks for administering a HCL Traveler server.

SSL ciphers

Many clients will not support older or more vulnerable SSL ciphers. These are generally not enabled on the HCL Domino server, but if a particular cipher needs to be disabled to avoid the clients from trying to use the cipher and encountering problems, the following procedures show how to disable them.

Procedure

Use the Domino® Administrator client to open the server's public address book.
In the navigator, select the Configuration tab, then select Server > Current Server Document.
1. Click the Edit Server action.
2. Select the Ports tab, then select Internet Ports.
3. Set TCP/IP port status to: Enabled, Redirect to SSL should not be used.
4. Under SSL authentication options, the Client Certificate field should be set to No.
5. In the SSL settings section of the form, select the Modify button under the SSL ciphers item.
6. In the SSL Cipher Settings dialog, deselect the ciphers to be disabled.
Save your changes.

Alternate procedure

Ciphers may also be disabled via the Internet Sites document. If there is an Internet Site document for your server, open it.
1. Click the Edit Web Site action.
2. Select the Security tab.
3. Under TCP Authentication options, the Redirect TCP to SSL field should be set to No.
4. Under SSL authentication, the Client Certificate field should be set to No.
5. Select SSL Security > SSL Ciphers > Modify
6. In the SSL Cipher Settings dialog, deselect the ciphers to be disabled.
Save your changes.

Have feedback?
Google Analytics is used to store comments and ratings. To provide a comment or rating for a topic, click Accept All Cookies or Allow All in Cookie Preferences in the footer of this page.