IBM G325-2585-02 Sametime Connect and HTTPS connections on port 443 or 563

IBM Lotus Sametime 7.5.1 Release Notes

LDAP Distinguished Name (DN) How name should appear in ACL

1 cn=administrator,cn=users,dc=ibm,dc=com cn=administrator/cn=users/dc=ibm/dc=com

2 uid=wpsadmin,cn=users,dc=ibm,dc=com uid=wpsadmin/cn=users/dc=ibm/dc=com

3 cn=Sametime Administrator,ou=Austin,O=IBM Sametime Administrator/Austin/IBM

With the above setup, the LDAP account specified in the ACL can now be used to administer the server

and, more importantly, administer and assign policies.

Sametime

Sametime Connect and HTTPS connections on port 443 or 563

This release note discusses issues pertaining to Sametime Connect client connectivity on port 443. These

issues include:

z Connecting to the Community Services on port 443 when the Domino HTTP server is configured to

listen for SSL connections on port 443

z Sametime 2.5 Connect client compatibility issue when connecting to a Sametime 7.5.x server on port

443 or 563

z Sametime 7.5.x Connect client compatibility issue when connecting to a Sametime 2.5 server on port

443 or 563

z Community Services multiplexer on Sametime 7.5.x server does not forward HTTPS connections on

port 443 to the Domino HTTP server

Connecting to the Community Services on port 443 when the Domino HTTP server is configured to

listen for SSL connections on port 443

Sametime installs on a Domino server. Web browser users connect to the Domino HTTP server when

accessing the Sametime server. If the Domino HTTP server is configured to support SSL for Web browser

connections, the Domino HTTP server is usually configured to listen for these HTTPS connections on port

443 or port 563.

Some Sametime Connect clients may operate in networks that require the clients to connect to the

Internet or intranet through an HTTPS proxy. Many network environments that require users to connect

through an HTTPS proxy only allow outbound connections to occur on port 443. If a Sametime Connect

client operates in such an environment, the following configurations must exist on the Sametime Connect

client and the Sametime server for the connection to be successful:

In the Sametime Connect client Sametime Connectivity tab:

z The "Community port" setting must specify port 443.

z The "Use proxy" and "Use HTTPS proxy" settings must be selected. The IP address or DNS name of

the HTTPS proxy server and port number used to connect to the HTTPS proxy server are also

specified.

z In the Sametime Administration Tool on the Sametime server, the Community Services Network -

Address for HTTPS-tunneled client connections - Port number setting must specify port 443.

With these configurations, the Sametime Connect client connects to the HTTPS proxy, and the proxy

connects to the Sametime server on behalf of the Sametime Connect client. The connection from the

proxy server to the Sametime server Community Services occurs on port 443. The Community Services

on the Sametime server must be configured to listen for the HTTPS connections on port 443 to ensure the

connection can succeed.

Note The configurations above enable Sametime Connect to establish a connection to a Sametime server