RE: (GSKit) Access to the key database is not allowed

["Dunn, Steven W" <Steven.Dunn@xxxxxxxxxxxxxxxxxx>]

Scott, thanks for your response. I did provide our network security group with
the instructions from your README file. Although I'm not sure they followed
these instructions when setting permissions for the folder path or files. I have
passed along your question/concerns regarding setting of uid vs. gid. As soon as
they respond I'll let you know if that was an issue or not.

Thanks again for your help. 


Steve Dunn


-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott Klement
Sent: Thursday, May 08, 2008 12:13 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: (GSKit) Access to the key database is not allowed

Hi Steven,

Have you followed the instructions in the README member of the QRPGLESRC file
that's included with HTTPAPI?  The section is titled 'Granting Ordinary Users
Permission to run SSL Applications'.

I don't know if those instructions help or not...?

Regarding changing the IFS permissions..  you say you're using a group profile.
Are you changing the group permissions and group ownerships on these IFS files?
I guess I'm concerned that you might be setting the uid of the objects to the
group profile instead of setting the gid.


Dunn, Steven W wrote:
>    Using HTTPAPI, I'm trying to validate I can initiate an SSL request
>    from our system using the 'Example4' function provided, but keep
>    running into authorization issues with the key database. Using the
>    following instructions Scott provided a previous user I found in the
>    forum archive,  our server ops and network security group added a
>    supplemental group profile to my profile with *RX authority to the
>    following folder path (/QIBM/UserData/ICSS/Cert/Server) and *R
>    authority to both the DEFAULT.KDB and DEFAULT.RDB files. However I'm
>    still getting the same error.
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
The information transmitted (including attachments) is
covered by the Electronic Communications Privacy Act,
18 U.S.C. 2510-2521, is intended only for the person(s) or
entity/entities to which it is addressed and may contain
confidential and/or privileged material. Any review,
retransmission, dissemination or other use of, or taking
of any action in reliance upon, this information by persons
or entities other than the intended recipient(s) is prohibited.
If you received this in error, please contact the sender and
delete the material from any computer.

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------