× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. March 2023

Re: HMC - https

The SAD part is I have so much equipment that if I actually provided a cert for every piece of gear I'd spend half the bloody year doing NOTHING but updating certs on every piece of gear.

It was hard when certs could last three years.

Then there was 1/3 more effort when they could only last 2 years.

Then workload doubled yet again when they could only live for 1 year.

And some gear, SUCH as the HMC, make it damn near impossible to install a wildcard certificate!

And I just have to ask, if we mere mortals can only have certs that last 380ish days, why is it that the certs from the people that generate those certificates are good until 2060, or some redonkulous duration, that expires long after I'll be sipping umbrella drinks and reading actual paper novels on a sandy beach, with no electronic devices allowed!!

Hmmmm?



On 3/6/2023 2:35 PM, Rob Berendt wrote:
Follow this
https://www.ibm.com/support/pages/hmc-certificate-signing
Do NOT choose self signed certificate. It WILL fail an audit.
One may argue that a self signed certificate should be fine for internal
use. However you will never win that argument. All you will do will get a
reputation for someone who wastes time and money. This is not the windmill
you want to charge your steed at.

On Mon, Mar 6, 2023 at 12:26 PM eric bothes <iseriesstuff@xxxxxxxxx> wrote:

v9r2 service pack 951 build lvl 2104142200

if it is the cert, what do i need to do?

On 3/6/2023 10:59 AM, Larry "DrFranken" Bolhuis wrote:
What version are you on?

I've been doing HMC since before it had a web server and every version
I've used, as well as those I'm using currently ONLY supports https.

Possibly they are complaining about the certificate not being trusted??

- Larry

On 3/6/2023 10:32 AM, eric bothes wrote:
audit of our network found a vulnerability with our HMC. Seems its
HTTP and not HTTPS.

Can someone point me to any docs to show how to secure the HMC with
HTTPS.

Thanks


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.




As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.