Sean (and anyone else who wants to answer),

Thanks for this wonderful reference.  I've been lurking on this thread and
waiting for someone to come through with something like this.  Since I'm
guessing you've done this before, I have a couple of questions.

In item 18 of the "Generate an Encryption Key and Customer Request Form"
section
(http://www.as400.ibm.com/tstudio/secure1/server/http/v4r4/chooseca.htm):
Do they want you to use your machine name or what you have in your DNS so
you can be found?  We don't have our machine name in our DNS entries, we
prefer to be found with either "www.estes-express.com" or just
"estes-express.com."  So do I just use "www.estes-express.com"?  And will
authentication fail if someone tries to use just "estes-express.com"?  Not
a big deal, and I can set up all our forms to specify
"http://www.estes-express.com" - just wondering.

In item 8 of the "Enable SSL" section
(http://www.as400.ibm.com/tstudio/secure1/server/http/v4r4/conform2.htm):
Which option do I want to use if all I want is to make sure that data
transmitted back and forth from the user's browser to my server is
encrypted (for now this is all I need - may change in the future)?  Looks
like it's "None" but I just want to make sure.  Also, if in the future I
want to require a successful handshake to get a certain URL, can I have an
environment where for some URL's client authentication is "None" and some
it's "Required"?  How would I do this?  I can forsee a day when one of our
customers decides they want to write an app that communicates with our
webserver and uses the SSL handshake as authentication, and I want to be
ready for it.

And a couple general questions:
If I have separate test and production servers on separate boxes, do I need
to get two certificates, or can I use the same one on both boxes?
Are any of you guys using encryption higher than 40 bit?  I keep a copy of
128 bit Netscape on my machine, but the only site I visit that uses it is
my broker's.  I'm a little leery of using anything higher than 40 bit, as
most PC's ship with 40 bit IE, and users are generally not very happy when
you make them do things like upgrade their browsers.

Mike Eovino
Estes Express Lines
http://www.estes-express.com

The views, opinions, and judgments expressed in this message are solely
those of the author.  The message contents have not been reviewed or
approved by Estes Express Lines

This communication is confidential and is intended to be privileged.  If
there is a problem with this transmission, please contact the sender.  If
the reader of this message is not the intended recipient, or the employee
or agent responsible to deliver it to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited.








http://www.as400.ibm.com/tstudio/secure1/server/index2.htm goes through
setting up the http server and then leads into ssl.

William Corbett wrote:
>
> Hi,
> It's probably simple, but I have no idea how to set up a secure page -
> https:// - on my AS400.  Anyone willing to share some specific
information
> or advice?
>


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].