If you want to have SSO between Domino and Sametime 12.0.1 FP1 or above you need to create the Web SSO document in Domino using “LTPA Token 2” as token format, instead of “LTPA Token and LTPA Token2” as was common in previous versions of Sametime. This because HCL, starting with Sametime 12.0.2 FP1 disabled LTPA V1 token support by default – in favor of LTPA V2 which is more secure.
On the Sametime server open the file custom.env and make you see this at the end ENABLE_LTPA=true LTPA_KEYS=C:\Sametime\ltpa.keys <- replace with the location of your LTPA key file LTPA_KEYS_PASSWORD=XXXXXX <- replace with your key password
Open the sametime.ini file and change the line
ST_AUTH_TOKEN=Jwt (this is the default) to ST_AUTH_TOKEN=Fork:Jwt,Ltpa
A customer of mine ran into an issue when using his Sametime server for meetings with external companies. The participants could not see any video neither hear audio.
Since internally everything works perfectly and he is using a TURN server, we started looking into its configuration and logs. We didn’t find anything wrong and the logs reported no errors. Then, after finding that until circa one month ago everything was working fine, he remembered that since then, he changed the coturn certificate from a single LetsEncrypt certificate to a wildcard one he gets from a CA for his company.
So he switched back to the LetsEncypt certificate, and everything started working again. Upon looking in the coturn GitHub repository he found this https://github.com/coturn/coturn/issues/352 Turns out that coturn does not support wildcard certificates, and looking at the thread on GitHub is likely it will not do it in a foreseeable future.
I have suggested HCL to improve their documentation, mentioning this; even if I understand this is not a HCL issue, adding a warning not to use wildcard certs could be useful.
As I wrote in a previous post I will speak at Engage 2026.
But I am not the only one from OpenNTF that will have a session there, my colleagues in the Board will have sessions there too. This pictures shows the content that we are delivering at Engage, as you can see there’s something for both developers and admins.
Hope to see many of you there, and if you have any questions about the OpenNTF activities, or any request, or you want to help, just grab one of us and let’s talk!
I had the honor and the privilege of having a session accepted at Engage 2026.
I will speak, together with my usual partner-in-crime, Marianna Tomasatti, about the difference in configurations of Sametime Chat Server on Docker and on Windows.
Sametime Chat on Windows Tue, Apr 21- 16:05–16:30 – Room A Sametime chat on Windows offers the same features as Sametime on Docker/Kubernetes; however, configuration and customization are performed differently, and the files you need to edit are not the same.In this session, we will explain how to configure LTPA, SSO, and other tips and tricks.
