[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Digital Certificates
Sender: James Viney <James.Viney@xxxxxxxxxx>
Sorry to be so naïve about all this, but I'm now trying to create a
certificate for my application. Is there an easy way to do this, as I'm
finding the DCM a complete nightmare and now I'm just clicking buttons for
the hell of it!
We're having an ISDN link fitted soon.....will this cease the need for me to
continue down this path, or will I still need to organise a certificate??
It appears to cost quite a bit of money for a certificate, which I don't
want to pay for if it ultimately doesn't work. Am I going about this the
right way, considering the documentation from the company I'm trying to send
to states that "HTTPS SSL 3.0 transport protocol has been adopted and uses
server side digital certificates, but does not require the use of
client-side certificates such as those required by PKI schemes."
So far I have created a New Certificate Store under *system and asked
VeriSign to be the signer of the certificate.....should I not have done
that?? This has created a Certificate Signing Request but I've now reached
a point where I have even less of an idea than I did at the start.
What am I doing??!! Please help!
James Viney
Senior Analyst/Programmer
Fortis Insurance Ltd
Tel: 023 8031 3324
-----Original Message-----
From: James Viney
Sent: 01 December 2004 09:41
To: 'ftpapi@xxxxxxxxxxxxx'
Subject: RE: GSKit issue?
Thanks Scott.....
The penny dropped about 20 seconds after sending the mail yesterday! Doh!
Thanks for your response anyway......I'm just in the middle of trying to
work out how to create certificates now!
James Viney
Senior Analyst/Programmer
Fortis Insurance Ltd
Tel: 023 8031 3324
-----Original Message-----
From: owner-ftpapi@xxxxxxxxxxxxx [mailto:owner-ftpapi@xxxxxxxxxxxxx] On
Behalf Of Scott Klement
Sent: 30 November 2004 17:34
To: ftpapi@xxxxxxxxxxxxx
Subject: Re: GSKit issue?
Sender: Scott Klement <klemscot@xxxxxxxxxxxx>
Hi Glenn.
[SNIP]
> I created a user account at UPS and got an Access key. I registered my app
> with our DCM and when I try to run the program I get the following error:
> "(GSKit) Key database file was not found."
[SNIP]
> We are on v5r2 with the latest CUM and have SSL working for other apps.
>
Each certificate store in the DCM is associated with a key database. This
database is necessary in order to encrypt or decrypt digital certificates.
AFIAK, this database is generated when the certificate store is created.
For example, the *SYSTEM certificate store uses a key database that's
stored in the IFS and is called
/QIBM/USERDATA/ICSS/CERT/SERVER/DEFAULT.KDB
For whatever reason, this application is unable to find the key database for
whichever certificate store your application is registered in.
Possibly you haven't created the *SYSTEM certificate store in your DCM?
That's what HTTPAPI will use (unless you register your application manually
via the web interface for the DCM instead of using teh https_dcm_reg()
function of HTTPAPI)
> Since this is the first time I have heard/seen anything about the GSKit
I'm
> not sure how to proceed. Are we missing a Licensed Program? a PTF?
GSKit is part of the base SSL support on the iSeries in V5R1 or later. If
you've got SSL working, then you've got it installed. Since it's returning
errors, it's obviously there :)
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------