[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Httpapi and SSL
Hi Scott
You are right, waiting your answer, today morning, I did a proof without do
anything else that to configure the *System DCM and it runs. I have an error
"HTTP/1.1 500 Internal Server Error" but I suppose that is my mistake .
Thank you for your very clean answer
kind regards
Mario
----- Original Message -----
From: "Scott Klement" <sk@xxxxxxxxxxxxxxxx>
To: "HTTPAPI and FTPAPI Projects" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Monday, November 23, 2009 6:47 PM
Subject: Re: Httpapi and SSL
> Hello Mario,
>
>> thank you for your answer but now I am a bit confused.My problem was that
>> I
>> have to use a web services with https. So I read that in one of the
>> example
>> in LIBHTTP that I have to inizialize the https.
>
> You *can* initialize it, but you don't /have to/.
>
> You can call https_init() and that will associate your program with an
> application ID in the Digital Certificate Manager. Once you've done
> that, you can tweak all of the SSL settings for your application *if*
> you want to.
>
> However, very few people use that feature. Most people let HTTPAPI use
> default settings.
>
> Even if you *do* decide to use that feature, you don't have to assign a
> certificate to the application. You only assign a certificate if you
> want to use client-side authentication.
>
> Unless you have a reason to use these features, I recommend not using
> them. Just start your URL with 'https:' and HTTPAPI will automatically
> choose the default SSL settings for you. No extra work to be done.
> (Other than that OS/400 needs to have it's SSL components installed)
>
>
>> As I don't know much about and in my enviroment there was nothing
>> configured I see you tips , start the DCM on a system i at 5.4 and
>> follow step by step your tip. Now at point n) you wrote something
>> about the association of the certificate that was different with what
>> happen in my site.
>
> Do you need to have client-side certificates working? If not, then
> those steps don't apply to you.
>
> If you do, then please talk to whomever is running the server and make a
> determination about who is to provide the client-side certificates.
> Then download and install them (or create one, if you are providing
> them.) In either case, once you have a client-side certificate
> installed, it'll show up in the list.
>
> However 99% of people using HTTPS don't use this support. It's an
> unusual request. My e-mail was aimed specifically at Ron, who
> specifically asked for help with client-side certificate support.
>
>> only need is to use the https web services on a system i where there is
>> not
>> https configured.So let me know if to use the https web service the steps
>> I
>> followed are enough to succeed in https web services
>
> Then install the SSL components of OS/400. The licensed programs needed
> for your release will be in the Information Center under Security / SSL
> / Plan for SSL.
>
> Once you have them installed, go into the Digital Certificate Manager,
> and create a *SYSTEM certificate store.
>
> That should be *all* you need to do (except putting 'https:' in your
> URL) to use SSL from HTTPAPI.
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------