× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



The other file is/was the intermediate cert.
The instructions were to install the intermediate certificate first and then the domain certificate.

Paul

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of John Jones
Sent: Wednesday, April 24, 2013 1:42 PM
To: Midrange Systems Technical Discussion
Subject: Re: SSL and public facing web site on the i

There are 2 .crt files to install one appears to be the Certificate
for the CA and the other is the certificate for our domain.

I don't recall having to deal with 2 .crt files from a trusted authority.
I think you only need the 1 for your domain. Use DCM to import that into the IBM i local *System store and assigned it to the IBM i HTTP server instance you're using.

Could be the CA's intermediate cert + the domain cert.


On Wed, Apr 24, 2013 at 11:41 AM, Bradley Stone <bvstone@xxxxxxxxx> wrote:

LOL! Now that's funny right there, Nathan! And actually makes the
point I Was going to about these auditors.



On Wed, Apr 24, 2013 at 11:27 AM, Nathan Andelin <nandelin@xxxxxxxxx>
wrote:

You need to go through a PCI audit someday.
You'll change your position very quickly :-)


Nah, PCI auditors are wimps. Try dealing with IT auditors from the DCAA.
I
did that for 5 years ;-)

Just tell them that you don't allow ODBC access to your database.
That will confuse them because that eliminates about 95% of known
hacks. Then tell them that you protect your DB with RPG. They will
think you're
insane
for using rocket propelled grenades, but they'll back off ;-)

-Nathan

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please
take a moment to review the archives at
http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take
a moment to review the archives at
http://archive.midrange.com/midrange-l.




--
John Jones, CISSP
No security, no privacy. Know security, know privacy.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.