[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Trusting an application

From: Scott Klement <sk@xxxxxxxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Trusting an application
Date: Fri, 22 Aug 2008 11:11:50 -0500

By default, HTTPAPI will use your system's default trust settings.  i.e. 
if you have a CA certificate installed in the *SYSTEM certificate store 
that matches the partner's certificate, then the system will trust it.

Just like a web browser.

If you associate HTTPAPI with a DCM application ID, then it'll only 
trust what you configure in that application ID.


ian wrote:
> In our implementation of HTTPAPI we have always trusted an application
> to the SSL certificate manually - by specifying the app in the DCM and
> adding it to the trusted applications of the certificates.
> 
> When testing a new link today, the SSL communications worked, but we had
> not trusted the application to the SSL certificates used in this
> connection.
> I would have expected the connection to fail.
> 
> Is there something in HTTPAPI or OS400 that now allows untrusted apps to
> work, or have I missed something here ?
> 
> We are running OS400 V5R4 and HTTP 1.20
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

References:
- Trusting an application
  - From: ian

Prev by Date: Trusting an application
Next by Date: Fw: length problem with http_url_post
Previous by thread: Trusting an application
Next by thread: Fw: length problem with http_url_post
Index(es):
- Date
- Thread