Well for some of us(me specifically) this has been a pain in the rear
1. I have a cert in *SYSTEM cert store named RGTSSLCERT valid until 2020
2. Under Communications/Session Security info on green screen session, I see RGTSSLCERT listed in the Server Cert Info. Security Protocal :none and Security Encryption Level :None under Client Cert tab: No cert has been sent by this client(maybe this is the issue.?????)
3. when I try to connect I get a 420 error code.
4. Under System I navigator my connection shows the Pad Lock
5. when I verify connection in System I Navigator I get a CWBCO1055 (SSL Client Authentication is supported for serve app telnet-ssl ) and
CWBCO1008(Unable to connect to server app Telnet returned 20105)
6. RGTSSLCERT has been imported into my web browser.
What am I missing?
Mike
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of DrFranken
Sent: Friday, January 29, 2016 1:16 PM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: Re: openssl for telnet on IBM i?
As I see it you have these options:
1) Open Telnet on 23 from the world. Not such a good choice.
2) Create a self-signed cert in DCM and assign it to Telnet. Then use Port 992 and you are secure. Not sure why people think this is hard.
3) Purchase a third party cert and load it into your i and use that to secure Telnet.
4) use SSH port tunneling with say putty on port 22 and let that encrypt your traffic.
5) Use a VPN
6) Something else that I didn't consider. The possibilities are endless.
- Larry "DrFranken" Bolhuis
www.Frankeni.com
www.iDevCloud.com - Personal Development IBM i timeshare service.
www.iInTheCloud.com - Commercial IBM i Cloud Hosting.
On 1/29/2016 11:24 AM, Aaron Bartell wrote:
*This message was transferred with a trial version of CommuniGate(r)
Pro* Does anyone know if you can configure telnet on IBM i to use
certs created by openssl commands? Trying to automate telnet SSL
configuration with a shell script (and at the same time move away from DCM).
Aaron Bartell
litmis.com - Services for open source on IBM i
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related questions.
NOTICE: This message, including any attachment, is intended as a confidential and privileged communication. If you have received this message in error, or are not the named recipient(s), please immediately notify the sender and delete this message.