The reason that it "just sits there" when you try to connect to port 2001,
is because that's the regular (non-SSL) port.  It's connected, and trying
to enable SSL, but since that port doesn't do SSL, nothing happens.

As for why port 2010 doesn't work, I'd try narrowing down the problem
a bit.

1)  Check if the SSL enabled *ADMIN server is even running.   Do a
      NETSTAT *CNN from your as/400, and see if there's anything
      listening on port 2010.  If not, it's not running.  Check
      QSYSOPR for messages, and also check the spool for job logs
      that might be related.

2)  See if you can connect from the LAN.  If you can connect from
      the LAN, then the server is working properly, and the
      problem is a firewall/routing/NAT issue.

3)  If the LAN works, and you're using NAT, you might need to make
      sure that the domain name from teh outside is the same as
      the domain name from the inside.   It's possible that the name
      you're connecting as doesn't match the name on the certificate,
      which might cause SSL to think somethings wrong.

Hope that helps...

On Tue, 16 Jul 2002, Justin Houchin wrote:
> Hi Everyone,
>             I am trying to get a secure connection to my *ADMIN Server
> Instance. I have my test system certificate installed from VeriSign. I
> have gone into the "Security configuration" and setup the SSL
> connection, SSL Port 2010, SSl Client Authentication-Optional. I have
> gone into the Digital Certificate Manager and did a "work with secure
> applications". I assigned my VeriSign certificate to
> QIBM_HTTP_SERVER_ADMIN. I shutdown and restarted the *admin server
> instance. I downloaded the test CA certificate to my web browser from
> VeriSign. I pass port 2001 and port 2010 through the firewall to the
> 400. I connect to my home computer using PcAnywhere to simulate being on
> a machine outside of the firewall. I pull up a web browser and type
> https://www.reliatek.com:2001...the
> <https://www.reliatek.com:2001...the/>  machine sits there like it is
> trying to load. I check the netstat on the 400 and it shows
> 24.216.***.**    2035       as-admi >  000:00:06  Established, but
> nothing happens. When I type in https://www.reliatek.com:2010
> <https://www.reliatek.com:2010/> , it says page cannot be displayed. Any
> Suggestions????

This thread ...


Return to Archive home page | Return to MIDRANGE.COM home page