Re: 2 webserver questions

["Luther Ananda Miller" <luther.miller@xxxxxxxxxx>]

Those products are indeed used to make certificates, and you can make your
own, but you are right that you probably want to get them from a well-known
"trusted" source instead or people who access your site will receive
messages that they may be untrusted.

However, you need the additional encryption product also just to do SSL at
all, even if you do not generate your own certificates. SSL and DCM both use
the encruption product. SSL uses to encrypt and decrypt etc., whereas DCM
uses it to create certificates.
I think also things like Client Access Express's VPN options might use it,
but I am not sure about that.

I have implemented SSL with test certificates on the 400 which I built with
DCM. We have not ordered a cetificate from the likes of Verisign yet, but
will be doing so soon. To implement it on the 400 was actually very easy. I
just followed the instructions in the manual- creating a certificate, and
then turning on the SSL option in the HTTP server configuration. It seems to
work fine, although I have not yet done thorough testing.

Luther

>Thanks for these links. I am still a little confused. From reading these
>sites,
>it seems to me that I would only need 5769AC1, 5769AC2 or 5769AC3 if
>I'm going to make my own certificates, but I wouldn't if I'm going to
>purchase
>one from a vendor like VeriSign. Am I misunderstanding this? It would
>appear that DCM is a free product. Have you implemented SSL on an
>AS/400? If so can you share your experience? I would much appreciate it.
>
>Joe Teff


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---