× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. March 2016

Re: iSeries SSL, Comodo certificate - no green padlock on browser

Reverse proxy has other benefits. You can offload encryption workloads to a
separate server. You can deploy the reverse proxy on a separate network
segment to satisfy PCI requirements. If your IBM i server is down for
scheduled maintenance, the reverse proxy can be changed to return a page
about the maintenance activity.



On Tue, Mar 29, 2016 at 9:10 AM, Tim Bronski <tim.bronski@xxxxxxxxx> wrote:

Well the reverse proxy is a gateway machine where the TLS terminates. You
could use Apache on a linux server with mod_proxy. The IBM i is a backend
web server. If you google up Apache Reverse-Proxy etc you'll find more
practical info than I could retype but here's an article that's somewhat
related:
https://timwells.net/blog/hardening-tls-apache-reverse-proxy/

On 3/29/2016 4:47 PM, Tom wrote:

That's an interesting idea - care to expand on it? I'm not sure how that
would work.


Thanks,
TomH

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
Tim
Bronski
Sent: Tuesday, March 29, 2016 9:43 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: Re: iSeries SSL, Comodo certificate - no green padlock on browser

You could look at a reverse proxy to handle the TLS if the move off 6.1 is
an issue.




--
Need sFTP or PGP? Download your native sFTP or OpenPGP solutions here:
www.arpeggiosoftware.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.