[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Questions about the HTTP Server and Keystore authority requirements for HTTPAPI
hm...found this:
http://publib.boulder.ibm.com/html/as400/v4r5/ic2931/info/RZAINRZAINSYSTEMCERT.HTM
"you may need to carefully add *R authority to *SYSTEM and appropriate
authority to directories in the path to *SYSTEM for the specific user
profile under which the application runs. You should not allow
individual users access to *SYSTEM. "
Which seems to indicate changing *PUBLIC to *USE is not
recommend...though the doc is pretty old...
Charles
On Mon, Apr 16, 2012 at 10:34 AM, Charles Wilt <charles.wilt@xxxxxxxxx> wrote:
> --Granting ordinary users permission to run SSL applications
> Management gets nervous when I ask them to change the security on an
> IBM supplied object. :)
> I don't understand why this wasn't *PUBLIC *USE to begin with...
> Does anybody have any information or better yet links to IBM
> documentation describing why this change is a "good" idea with little
> or no risk?
>
> As an alternative, I assume I could use adopted authority in my
> HTTPAPI apps that need HTTPS; can anyone confirm?
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------