Thanks for your reply Chris
Alan Shore
E-mail : ASHORE@xxxxxxxx
Phone [O] : (631) 200-5019
Phone [C] : (631) 880-8640
'If you're going through hell, keep going.'
Winston Churchill
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Chris Bipes
Sent: Thursday, October 27, 2016 8:04 PM
To: 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxx>
Subject: RE: Connecting to web using TLS
You may have to import the CA certificate from the remote server into your iSeries via DCM. Not their certificate but the Certificate Authority certificate that issues their certificate. You can also turn off SSL strict checking. You will have to console the manual for Krengel Tech RPG-XML Suite to see if they support SSL strict checking or not.
Chris Bipes
Director of Information Services
CrossCheck, Inc.
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Alan Shore
Sent: Thursday, October 27, 2016 11:51 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: RE: Connecting to web using TLS
Thanks for your reply Peter
We are using Krengel Tech RPG-XML Suite and have had no problems with web service calls what so ever For this new company, I have created a proof of concept program (read - quick, with no bells and whistles) and I seem to be connecting, but the error code that I am receiving says that I need to load a certificate onto the AS/400 However - they say I don't need to load a certificate but to use TLS protocol
quote
When we receive a request, we check the level of encryption. We allow merchants to connect to us only in secure https mode using TLS protocols and we strongly recommend to use the most recent and secure versions which are currently TLS 1.1 and 1.2.
Endquote
We followed the instructions from the web site I included below - stopped and started all the INBNDSRVR jobs - but still receive the same error code
Alan Shore
E-mail : ASHORE@xxxxxxxx
Phone [O] : (631) 200-5019
Phone [C] : (631) 880-8640
'If you're going through hell, keep going.'
Winston Churchill
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Peter Connell
Sent: Thursday, October 27, 2016 2:39 PM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: RE: Connecting to web using TLS
Alan,
We've been having trouble with web service calls to some data providers who now support only TLS protocols.
My impression is that there appear to be issues with the limited number of cipher suites supported by IBM i5 so a successful handshake using IBM legacy or GSK APIs may depend on the ciphers that the provider supports but I'm not certain of this.
I've found that using a simple java program (complied at JDK7) to do the actual connection works fine since JDK70 supports a wider range of ciphers.
Connecting using curl via a PHP script also seems to work.
Cheers, Peter
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Alan Shore
Sent: Friday, 28 October 2016 6:55 AM
To: midrange-l@xxxxxxxxxxxx
Subject: Connecting to web using TLS
Hi everyone
Before I forget, we are on V7r1 (finally) I have been asked to place web service calls but need to use TLS protocols - Quote When we receive a request, we check the level of encryption. We allow merchants to connect to us only in secure https mode using TLS protocols and we strongly recommend to use the most recent and secure versions which are currently TLS 1.1 and 1.2.
endquote
I have searched the web, and the only thing I can find is the following web page
http://www-01.ibm.com/support/docview.wss?uid=nas8N1019971
Does anyone have any other instructions?
Just trying to cover all bases
Alan Shore
E-mail : ASHORE@xxxxxxxx
Phone [O] : (631) 200-5019
Phone [C] : (631) 880-8640
'If you're going through hell, keep going.'
Winston Churchill
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related questions.
##############################################################
This correspondence is for the named person's use only. It may contain confidential or legally privileged information, or both. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this correspondence in error, please immediately delete it from your system and notify the sender. You must not disclose, copy or rely on any part of this correspondence if you are not the intended recipient. Any views expressed in this message are those of the individual sender, except where the sender expressly, and with authority, states them to be the views of Veda. If you need assistance, please contact Veda :- Australia
http://www.veda.com.au/contact-us New Zealand
http://www.veda.co.nz/contact-veda
##############################################################
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related questions.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related questions.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related questions.
As an Amazon Associate we earn from qualifying purchases.