[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Httpapi and SSL
Hello Mario,
> thank you for your answer but now I am a bit confused.My problem was that I
> have to use a web services with https. So I read that in one of the example
> in LIBHTTP that I have to inizialize the https.
You *can* initialize it, but you don't /have to/.
You can call https_init() and that will associate your program with an
application ID in the Digital Certificate Manager. Once you've done
that, you can tweak all of the SSL settings for your application *if*
you want to.
However, very few people use that feature. Most people let HTTPAPI use
default settings.
Even if you *do* decide to use that feature, you don't have to assign a
certificate to the application. You only assign a certificate if you
want to use client-side authentication.
Unless you have a reason to use these features, I recommend not using
them. Just start your URL with 'https:' and HTTPAPI will automatically
choose the default SSL settings for you. No extra work to be done.
(Other than that OS/400 needs to have it's SSL components installed)
> As I don't know much about and in my enviroment there was nothing
> configured I see you tips , start the DCM on a system i at 5.4 and
> follow step by step your tip. Now at point n) you wrote something
> about the association of the certificate that was different with what
> happen in my site.
Do you need to have client-side certificates working? If not, then
those steps don't apply to you.
If you do, then please talk to whomever is running the server and make a
determination about who is to provide the client-side certificates.
Then download and install them (or create one, if you are providing
them.) In either case, once you have a client-side certificate
installed, it'll show up in the list.
However 99% of people using HTTPS don't use this support. It's an
unusual request. My e-mail was aimed specifically at Ron, who
specifically asked for help with client-side certificate support.
> only need is to use the https web services on a system i where there is not
> https configured.So let me know if to use the https web service the steps I
> followed are enough to succeed in https web services
Then install the SSL components of OS/400. The licensed programs needed
for your release will be in the Information Center under Security / SSL
/ Plan for SSL.
Once you have them installed, go into the Digital Certificate Manager,
and create a *SYSTEM certificate store.
That should be *all* you need to do (except putting 'https:' in your
URL) to use SSL from HTTPAPI.
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------