[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Authorities in the IFS (DCM)
Sender: "ian" <ian@xxxxxxxxxxxxxxxxx>
We are experiencing some difficulties in authorities in the IFS which appear
to be random, but I am sure they are not.
We use Scotts httpapi in ssl mode, which in turn evokes a usage of the DCM.
The path to the DCM is:
/QIBM/USERDATA/ICSS/CERT/SERVER/DEFAULT.kdb
Occasionally, some users get the message :
SSL Handshake: (GSKIT)
Access to key database not allowed
If we chase the authorities down the subfolder chain, *PUBLIC has *RX rights
up to the server folder.
SERVER and DEFAULT.kdb have *PUBLIC *EXCLUDE
Changing the *PUBLIC authorities for server and default fixes the problem.
My question is, why do we not get this error for all Users ? Our experience
is something like 50/50 get/do not get/ the error.
There may be something else that affects the access to default.kdb other
than the authorities I have described above.
I note that QSYS retains all rights. Is it possible that some users are
adopting QSYS ?
Any comments would be welcome.
Regards,
Ian Patterson
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------