× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



So for authentication, on a ssl framework, what method is commonly used?

I’m looking for increased security over user/password.

This will be to allow 3rd parties to access a webservice api on the i.

And preferably able to test on postman or ARC.

Jay

Sent from my iPhone

On Apr 28, 2020, at 10:57 AM, Justin Taylor <JUSTIN@xxxxxxxxxxxxx> wrote:

I'm not sure why you'd want/need to export your cert for clients to access your HTTPS site. I've never needed to export my Apache cert, and I've never had to install a cert in my browser to access my (or any other) HTTPS site.




-----Original Message-----
From: Jay Vaughn [mailto:jeffersonvaughn@xxxxxxxxx]
Sent: Tuesday, April 28, 2020 9:23 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: Apache http ssl certificate - export

Brand new to the administration end of things... but doing well so far I believe in setting up ssl with certificates on the server.

Objective: create ssl http server, create certificate, export off iSeries to any off platform calls into the server via http.

so far...

1.) used DCM to create *system cert store
2.) used DCM to create local CA
3.) used DCM to create certificate
- have attempted to use DCM methods to export the file off the i.
From copy/paste of the certificate info along with the export button
feature to move the certificate to the IFS as a .pfx file.
4.) created http server, using the ssl config wizard for ssl.

I am using postman now to test my api call. using the certificate info i "exported" of the i.
(btw the api call from postman works fine when using regular http
(user/pass) auth... so no problems with the entire process of consuming the api off platform - i'm just stuck now implementing this ssl security)

Through many trial and errors, and many different responses I feel I am
closest at this point... I am getting a...

403 Forbidden
You don't have permission to access this resource.

I can provide error log info as well as other diagnostics from postman if needed.

I feel my issue is how I'm exporting and extracting the certificate info to my pc. I seem to be missing a public key. I only have a CRT and PFX file to provide to postman... i'm missing the KEY file.

any help would be greatly appreciated!

Jay

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.