[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Trusting an application
By default, HTTPAPI will use your system's default trust settings. i.e.
if you have a CA certificate installed in the *SYSTEM certificate store
that matches the partner's certificate, then the system will trust it.
Just like a web browser.
If you associate HTTPAPI with a DCM application ID, then it'll only
trust what you configure in that application ID.
ian wrote:
> In our implementation of HTTPAPI we have always trusted an application
> to the SSL certificate manually - by specifying the app in the DCM and
> adding it to the trusted applications of the certificates.
>
> When testing a new link today, the SSL communications worked, but we had
> not trusted the application to the SSL certificates used in this
> connection.
> I would have expected the connection to fail.
>
> Is there something in HTTPAPI or OS400 that now allows untrusted apps to
> work, or have I missed something here ?
>
> We are running OS400 V5R4 and HTTP 1.20
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------