×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
Hi Jeff,
I have a client that needs to create a Single Level Self Signed
Certificate on the i5 for communicating with an FTP SSL host. The
host system requires a single certificate that contains the
Certificate Authority and Client Application.
Interesting. Why do they care whether it's single-level or not? Seems
like a strange requirement.
After speaking with IBM support, I was informed that the i5 can not
do this.
That's not exactly true. I may be picking nits with your phrasing,
here, but... The Digital Certificate Manager in i5/OS cannot do what
you ask. However, it's not the i5 itself, but the DCM that has this
limitation.
You could create the certificate on an i5 using OpenSSL.
So it's not a limitation with the i5 -- it's a limitation with a
particular software package, the digital certificate manager.
Unfortunately, since pretty much all software for i5/OS is based on the
DCM, this puts you in a bit of a bind.
Here's what I don't know: If you generate a self-signed single level
certificate via OpenSSL and import it into the DCM, will standard i5/OS
applications (which are based on the DCM) work? Or do you have to use
an OpenSSL-based application for it to work?
In other words, is the limitation only related to generating
certificates, or does it apply to using existing certificates as well?
If all else fails, you could probably do the whole she-bang in PASE, and
bypass the DCM.
midrange.com
