|
Aaron,
Do you mean you created the cert request with OpenSSL and sent to an cert
authority, and got back a cert in the form that works with apache, or that
you made a self signed cert with OpenSSL?
There is a chain of trust in SSL and that chain is only complete if the
clients computer has the public key for the certificate of authority from
the entity that generated your SSL certificate. Self signed ertificates are
inheriently less secure for this reason, unless your deploying the
cerrtificate of authority that you made for your self signed cert to all
the workstations in question. If you went the self signed route, I implore
you to consider buying a cert from the cheapest cert provider with the
longest expiration period they will give you, and that's a big improvement
from what you did for free.
</rant>
All that being said, I've never configured ssl on the IBM i telnet service,
but if you'd point out the greenscreen commands you've tried and errors
your getting, I'll see if I can figure out the correct incantation of the
Open SSL command to convert the certificate. OpenSSL is very much a swiss
army knife and can convert a certificate between many formats.
On Fri, Jan 29, 2016 at 11:25 AM Aaron Bartell <aaronbartell@xxxxxxxxx>
wrote:
Does anyone know if you can configure telnet on IBM i to use certscreated
by openssl commands? Trying to automate telnet SSL configuration with alist
shell script (and at the same time move away from DCM).
Aaron Bartell
litmis.com - Services for open source on IBM i
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
To post a message email: MIDRANGE-L@xxxxxxxxxxxx--
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related
questions.
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related
questions.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.