× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. January 2017

RE: SSL certificates for applications

In this case it sounds like your iSeries is the client, connecting to a remote server. (internal to your network). To secure the communications you just need to trust the SSL certificate issuer of the remote server. To trust your remote server, you will need to import their CA in to your iSeries certificate store. So using DCM you will import a CA certificate into the *SYSTEM store. You do not need a client application certificate on the iSeries to identify yourself in most cases. Especially if this is all internal.

Chris Bipes
Director of Information Services
CrossCheck, Inc.

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Alasdair Simpson
Sent: Thursday, January 12, 2017 1:20 AM
To: midrange-l@xxxxxxxxxxxx
Subject: Re: SSL certificates for applications

Hi

I am not sure if we do REQUIRE both, I just know that an external auditor has determined that the data travelling between two internal servers should be encrypted.

As far as I know, with one of those servers being an iSeries, that can only be achieved by using SSL to secure the specific application which transfers the data (the iSeries calls a web service running on the other server and parses the results).

|From what we have experienced with Third parties like Experian, we define an application on the iSeries and the Third party issues us with a Server or Client level certificate which we import into the DCM *SYSTEM store and then link to the application name we have defined. They (the third party) handle the certification on the other server.

Because in this instance both servers are ours, we don't not really know how to go about asking for the relevant certificates or generating them.

We have tried using the DCM to create a local CA and then a Server or Client level certificate from that, but we then cannot import that certificate into a windows environment to decrypt at the other end.
If we create a CA certificate on Windows, we can import that into the iSeries DCM, but can't attach it to an application because it is the wrong level.

Is there some extra step I'm missing?


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.