Domino and node.js: first steps (part 2)

Our journey in the setup and use of node.js with Domino 10 continues here.

If you missed the first part you can find it here. I suggest you to read it before continuing as the first two points are necessary to start creating the environment. This article starts from point three.

(This article is the second of a series, we will update the links as we proceed to publish everything)

 

3. Domino.db 1.2.0

From the AppDevPack extract the file domino-domino-db-1.2.0.tgx and unpack it in a temporary location on your Windows machine (in our case c:\installkits).

On the server open a command prompt, go in the directory that contains the files of your Node.js project (in this example c:\node) and type the command

npm install /installkits/domino-domino-db-1.2.0.tgz –save

With this command you run npm, the installer of Node.js, passing as parameter the name of the file to install.
If everything is correct you will get a response like this:

 

I suggest you to install also two additional packages, always using npm: express and express-generator. Ejs is one of the various template engines supported, so your choice may be different if you already have experience with Node.js

To do that run the commands:

npm install express
npm install -g express-generator
express - -view=ejs
npm install ejs

These modules are not strictly necessary to work with Domino but they create a framework within node.js that I found very useful. You can find a lot of documentation pages about these modules on the net.

 

Now your Node.js/Domino environment is ready, and you can start writing code!

However, before continuing, let’s see how to manage node.js / Domino communication in authenticated and encrypted mode.

4. Setting up authenticated connection with certificates

As we said before the communication between Node.js and Proton can happen in two ways

  • Anonymous
  • Client certificate

Obviously the first option is simpler, but it requires that in the ACL of the Notes database you set the Anonymous user with at least reader access, and this can cause security problems expecially if we have the HTTP task active.
So we need to set up the connection using a user and the relative certificate.
In the AppDevPack, inside the proton folder, there are two .cmd files that allow us to generate and manage the certificates needed for this operation.
The files are:

  • make_certs.cmd
  • make_keyring.cmd

In order to be able to generate the needed files you need to download 2 other packages: OpenSSL and Kyrtool . You can find all the details here:
https://www-10.lotus.com/ldd/dominowiki.nsf/dx/3rd_Party_SHA-2_with_OpenSSL_and_kyrtool?open

 

The first command to use is make_certs.cmd that, using OpenSSL, creates the certificate files for the environment (other that the root certificate, is generated one for the server and two for different users called App1 and App2).

Keep in mind that the make_certs.cmd has to be changed in order to use the server and user names you want to use.

Run the make_certs command with a parameter, the name of the location where you want to have the certificates:

make_certs c:\certificates

Now we need to create a person document in the Domino Directory that is the user we want to use, for example App1, and import in this document the relative certificate.
Now let’s move to the server configuration generating the key file using Kyrtool and the second command :

make_keyring.cmd

This command generates two files named Sample and that we will rename proton. So we will have proton.kyr and proton.sth that we need to copy in the Domino data directory.
We need to change the settings in notes.ini to use the new configuration, with these values:

PROTON_SSL=1
PROTON_AUTHENTICATION=client_cert
PROTON_KEYFILE=proton.kyr

In this way we are telling Proton to use SSL, to manage the authentication with the client certificate and to use the keyfile proton.kyr.
To do this, quit The proton task on the Domino console, change the notes.ini and reload the proton task.
Domino setup is now complete, now is Node.js that has to manage his part of authentication, see below point 5
If you want more details on this part you can check the documentation here:
https://doc.cwpcollaboration.com/appdevpack/docs/en/proton-admin.html#client-authentication

This ends the second part of our journey in node.js. Stay tuned for the next articles