× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. RPG400-L
  3. April 2017

RE: Re: Providing web services using HTTPS

Steps to create a web service on AS/400, test, change the default port to 80**, test, and then finally secure using SSL on the HTTP front end service.

1- Create a new user profile, BRWEB**, copy existing profile
2- Launch IBM Web Admin for i - http://10.x.xx.x:2001
3- Create a Web Services Server, take all defaults.
4- Name the service to match a specified user, matching the user to the desired environment, BRWEBMIS, BRWEBLIV, BRWEBTRP, etc
5- Fill in description - BRC WEB Service - **
6- To test service, All Application Servers, Manage Details, Using Test Service tab, test built in ConvertTemp function.
7- Stop both HTTP and Application Servers
8- General server configuration , change HTTP virtual host default port from 100** to 80**. Each slice needs to use a different port
a. MIS - 8080
b. UP - 8081
c. DevD1 - 8082
d. IT - 8083
e. TP - 8084
f. SP - 8085
9- Manually edit the lwi plug-in from 10052 to 80** - wrklnk /www/BRWEBMIS/conf/lwi-plugin-cfg.xml (Do not change Transport Host)
10- Application server, Manage Details, Properties, Web Services Server, change Default WSDL HTTP port to 80**
11- Start both HTTP and Application server
12- Application Server, Manage Deployed Services, using Test Service tab, test built in ConvertTemp function.
13- Stop both HTTP and Application Servers
14- Using Security tab, turn on SSL on HTTP server
a. SSL - enabled,
b. Server Certificate application name - should match name of Web service
c. HTTPS_PORT environment variable - should be 1st port on internal port range of Web Service.
15- Using DCM, system certificate store, Work with Server Applications, add application.
QIBM_HTTP_SERVER_BRWEBMIS Pencor062010
16- Start both HTTP and Application servers
17- Once SSL is enabled Test Service will no longer function, was designed to work without SSL, per IBM.
18- To test SSL using built in ConvertTemp, right click on "View Definition" to get the URL...then paste that into a browser and change http to https and hit enter, and you should see the xml WSDL file.


-----Original Message-----
From: RPG400-L [mailto:rpg400-l-bounces@xxxxxxxxxxxx] On Behalf Of Atul Kaulgud
Sent: Tuesday, April 25, 2017 2:16 PM
To: rpg400-l@xxxxxxxxxxxx
Subject: RE: Re: Providing web services using HTTPS

I think, we have to configure DCM(Digital Certificate Manager) and, then, enable SSL option, associate Application ID with SSL option.
Recently I developed web service based on REST, but, unable to try out with SSL because of missing HTTP group PTFs. We have asked to download required PTFs and then probably we will be able to deploy SSL enabled web service

Regards
Atul Kaulgud

-----Original Message-----
From: RPG400-L [mailto:rpg400-l-bounces@xxxxxxxxxxxx] On Behalf Of rpg400-l-request@xxxxxxxxxxxx
Sent: Tuesday, April 25, 2017 8:46 PM
To: rpg400-l@xxxxxxxxxxxx
Subject: RPG400-L Digest, Vol 16, Issue 164

Send RPG400-L mailing list submissions to
rpg400-l@xxxxxxxxxxxx

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.midrange.com/mailman/listinfo/rpg400-l
or, via email, send a message with subject or body 'help' to
rpg400-l-request@xxxxxxxxxxxx

You can reach the person managing the list at
rpg400-l-owner@xxxxxxxxxxxx

When replying, please edit your Subject line so it is more specific than
"Re: Contents of RPG400-L digest..."


*** NOTE: When replying to this digest message, PLEASE remove all text unrelated to your reply and change the subject line so it is meaningful.

Today's Topics:

1. Re: Accessing Database vs Dataarea (Barbara Morris)
2. Providing web services using HTTPS (Douglas Handy)
3. Re: Providing web services using HTTPS (Bradley Stone)
4. RE: Providing web services using HTTPS (Kevin Bucknum)
5. Re: Providing web services using HTTPS (Jose Perez)
6. RE: Providing web services using HTTPS (Kevin Bucknum)


----------------------------------------------------------------------

message: 1
date: Mon, 24 Apr 2017 16:35:07 -0400
from: Barbara Morris <bmorris@xxxxxxxxxx>
subject: Re: Accessing Database vs Dataarea

On 2017-04-24 8:57 AM, Michael Quigley wrote:
...
I would love to hear from someone with some knowledge about the
internal implementation of IN. i.e., Is the data area object and
associated pointers resolved each time?


RPG does indeed resolve to the data area for each IN operation. (But if there had been a previous IN *LOCK, it wouldn't re-resolve until there was an OUT without *LOCK, or an UNLOCK.)

Here's a little program you can use to test this out. Create a data area called MYDTAARA *CHAR LEN(10) in QTEMP, with value 'qtemp', and another one in some other library that's not in your library list, with some value other than 'qtemp'.

When the command line pops up, add that other library to your library list.

dcl-s mydtaara char(10) dtaara;
dcl-pr qcmd extpgm end-pr;
in mydtaara;
dsply mydtaara;
qcmd();
in mydtaara;
dsply mydtaara;
return;

Here's my joblog:

5 > call bmorris/test
DSPLY qtemp
6 > addlible bmorris
Library BMORRIS added to library list.
End of requests.
DSPLY bmorris

--
Barbara



------------------------------

message: 2
date: Mon, 24 Apr 2017 20:22:22 -0400
from: Douglas Handy <dhandy@xxxxxxxxx>
subject: Providing web services using HTTPS

I am setting up a web service following the methods described by Scott Klement in his presentation at:

http://www.scottklement.com/presentations/Providing%20RPG%20Web%20Services%2
0on%20IBM%20i.pdf

I can get everything to work when using http:// but I'd like the traffic to happen of TLS 1.x instead of plain text. The web service runs on its own port, not 80 or 443. This works:

http://myserver.com:xxxx/yada/yada/yada

This does not work:

https://myserver.com:xxxx/yada/yada/yada

Nothing in the server instance httpd.conf seems to be related, other than the listen port of xxxx.

I also can't find discussion of this in the XMLHttpRequest docs at:

https://xhr.spec.whatwg.org/

I can control both the client and server side, so one option would be for me to do my own encrypt / decrypt (and EBDIC conversion) and pass binary data instead of trying to piggy back off https support.

But is there a way to have the web service traffic just take advantage of the HTTPS support?


------------------------------

message: 3
date: Tue, 25 Apr 2017 07:10:39 -0500
from: Bradley Stone <bvstone@xxxxxxxxx>
subject: Re: Providing web services using HTTPS

By default http:// uses port 80. Also https:// uses port 443 by default.

If you're using SSL on a different port, you'll need to specify the port:

https://service.org:4433



Bradley V. Stone
www.bvstools.com
Native IBM i e-Mail solutions for Microsoft Office 365, Gmail, or any Cloud Provider!

On Mon, Apr 24, 2017 at 7:22 PM, Douglas Handy <dhandy@xxxxxxxxx> wrote:

I am setting up a web service following the methods described by Scott
Klement in his presentation at:

http://www.scottklement.com/presentations/Providing%20RPG%
20Web%20Services%20on%20IBM%20i.pdf

I can get everything to work when using http:// but I'd like the
traffic to happen of TLS 1.x instead of plain text. The web service
runs on its own port, not 80 or 443. This works:

http://myserver.com:xxxx/yada/yada/yada

This does not work:

https://myserver.com:xxxx/yada/yada/yada

Nothing in the server instance httpd.conf seems to be related, other
than the listen port of xxxx.

I also can't find discussion of this in the XMLHttpRequest docs at:

https://xhr.spec.whatwg.org/

I can control both the client and server side, so one option would be
for me to do my own encrypt / decrypt (and EBDIC conversion) and pass
binary data instead of trying to piggy back off https support.

But is there a way to have the web service traffic just take advantage
of the HTTPS support?
--
This is the RPG programming on the IBM i (AS/400 and iSeries)
(RPG400-L) mailing list To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: http://amzn.to/2dEadiD



------------------------------

message: 4
date: Tue, 25 Apr 2017 07:29:03 -0500
from: "Kevin Bucknum" <Kevin@xxxxxxxxxxxxxxxxxxx>
subject: RE: Providing web services using HTTPS

You have to config the server side to serve it as HTTPS. It's more than just changing the URL. In the IBM Web Administrator for i screens, Find the HTTP server that is serving your web service. You can either select it from the HTTP Servers tab, or if you go to your server in the Application Servers tab, there is a link on the left that will take you to your http server. Click on the Security link on the left hand side once you are in your http server config page, enable SSL, and fill out all the required fields. The SSL advanced tab lets your control the TLS versions and ciphers that you will accept.




Kevin Bucknum
Senior Programmer Analyst
MEDDATA/MEDTRON
Tel: 985-893-2550

-----Original Message-----
From: RPG400-L [mailto:rpg400-l-bounces@xxxxxxxxxxxx] On Behalf Of
Douglas Handy
Sent: Monday, April 24, 2017 7:22 PM
To: RPG programming on the IBM i / System i
Subject: Providing web services using HTTPS

I am setting up a web service following the methods described by Scott
Klement in his presentation at:

http://www.scottklement.com/presentations/Providing%20RPG%20Web%2
0Services%20on%20IBM%20i.pdf

I can get everything to work when using http:// but I'd like the
traffic to
happen of TLS 1.x instead of plain text. The web service runs on its
own port,
not 80 or 443. This works:

http://myserver.com:xxxx/yada/yada/yada

This does not work:

https://myserver.com:xxxx/yada/yada/yada

Nothing in the server instance httpd.conf seems to be related, other
than
the listen port of xxxx.

I also can't find discussion of this in the XMLHttpRequest docs at:

https://xhr.spec.whatwg.org/

I can control both the client and server side, so one option would be
for me
to do my own encrypt / decrypt (and EBDIC conversion) and pass binary
data
instead of trying to piggy back off https support.

But is there a way to have the web service traffic just take advantage
of the
HTTPS support?
--
This is the RPG programming on the IBM i (AS/400 and iSeries)
(RPG400-L)
mailing list To post a message email: RPG400-L@xxxxxxxxxxxx To
subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: http://amzn.to/2dEadiD


------------------------------

message: 5
date: Tue, 25 Apr 2017 10:36:53 -0400
from: Jose Perez <joseenocperez.jp@xxxxxxxxx>
subject: Re: Providing web services using HTTPS

Sql has a lot easier way to access resources on the web, its functions are powerful enough to access and consume data from many sources. for example httpGetClob retrieve resources from a given URL using the get method and httpPutClob Create textual resources in a given URL using the put method, your don't even need to create REST or SOAP services on the web.

On Tue, Apr 25, 2017 at 8:29 AM, Kevin Bucknum <Kevin@xxxxxxxxxxxxxxxxxxx>
wrote:

You have to config the server side to serve it as HTTPS. It's more
than just changing the URL. In the IBM Web Administrator for i
screens, Find the HTTP server that is serving your web service. You
can either select it from the HTTP Servers tab, or if you go to your
server in the Application Servers tab, there is a link on the left
that will take you to your http server. Click on the Security link on
the left hand side once you are in your http server config page,
enable SSL, and fill out all the required fields. The SSL advanced tab
lets your control the TLS versions and ciphers that you will accept.




Kevin Bucknum
Senior Programmer Analyst
MEDDATA/MEDTRON
Tel: 985-893-2550

-----Original Message-----
From: RPG400-L [mailto:rpg400-l-bounces@xxxxxxxxxxxx] On Behalf Of
Douglas Handy
Sent: Monday, April 24, 2017 7:22 PM
To: RPG programming on the IBM i / System i
Subject: Providing web services using HTTPS

I am setting up a web service following the methods described by
Scott Klement in his presentation at:

http://www.scottklement.com/presentations/Providing%20RPG%20Web%2
0Services%20on%20IBM%20i.pdf

I can get everything to work when using http:// but I'd like the
traffic to
happen of TLS 1.x instead of plain text. The web service runs on
its
own port,
not 80 or 443. This works:

http://myserver.com:xxxx/yada/yada/yada

This does not work:

https://myserver.com:xxxx/yada/yada/yada

Nothing in the server instance httpd.conf seems to be related, other
than
the listen port of xxxx.

I also can't find discussion of this in the XMLHttpRequest docs at:

https://xhr.spec.whatwg.org/

I can control both the client and server side, so one option would
be
for me
to do my own encrypt / decrypt (and EBDIC conversion) and pass
binary
data
instead of trying to piggy back off https support.

But is there a way to have the web service traffic just take
advantage
of the
HTTPS support?
--
This is the RPG programming on the IBM i (AS/400 and iSeries)
(RPG400-L)
mailing list To post a message email: RPG400-L@xxxxxxxxxxxx To
subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx Before posting, please take
a moment to review the archives at
http://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our
affiliate
link: http://amzn.to/2dEadiD
--
This is the RPG programming on the IBM i (AS/400 and iSeries)
(RPG400-L) mailing list To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: http://amzn.to/2dEadiD



------------------------------

message: 6
date: Tue, 25 Apr 2017 10:15:35 -0500
from: "Kevin Bucknum" <Kevin@xxxxxxxxxxxxxxxxxxx>
subject: RE: Providing web services using HTTPS

I'm not sure that I understand, how does the http clob functions allow you to provide a web service. I haven't actually used them yet, but they look to be clients to me, not servers.




Kevin Bucknum
Senior Programmer Analyst
MEDDATA/MEDTRON
Tel: 985-893-2550

-----Original Message-----
From: RPG400-L [mailto:rpg400-l-bounces@xxxxxxxxxxxx] On Behalf Of
Jose
Perez
Sent: Tuesday, April 25, 2017 9:37 AM
To: RPG programming on the IBM i (AS/400 and iSeries)
Subject: Re: Providing web services using HTTPS

Sql has a lot easier way to access resources on the web, its
functions are
powerful enough to access and consume data from many sources. for
example httpGetClob retrieve resources from a given URL using the get
method and httpPutClob Create textual resources in a given URL using
the
put method, your don't even need to create REST or SOAP services on
the
web.

On Tue, Apr 25, 2017 at 8:29 AM, Kevin Bucknum
<Kevin@xxxxxxxxxxxxxxxxxxx>
wrote:

You have to config the server side to serve it as HTTPS. It's more
than just changing the URL. In the IBM Web Administrator for i
screens, Find the HTTP server that is serving your web service. You
can either select it from the HTTP Servers tab, or if you go to your
server in the Application Servers tab, there is a link on the left
that will take you to your http server. Click on the Security link
on
the left hand side once you are in your http server config page,
enable SSL, and fill out all the required fields. The SSL advanced
tab
lets your control the TLS versions and ciphers that you will accept.




Kevin Bucknum
Senior Programmer Analyst
MEDDATA/MEDTRON
Tel: 985-893-2550

-----Original Message-----
From: RPG400-L [mailto:rpg400-l-bounces@xxxxxxxxxxxx] On Behalf Of
Douglas Handy
Sent: Monday, April 24, 2017 7:22 PM
To: RPG programming on the IBM i / System i
Subject: Providing web services using HTTPS

I am setting up a web service following the methods described by
Scott Klement in his presentation at:


http://www.scottklement.com/presentations/Providing%20RPG%20Web%2
0Services%20on%20IBM%20i.pdf

I can get everything to work when using http:// but I'd like the
traffic to
happen of TLS 1.x instead of plain text. The web service runs on
its
own port,
not 80 or 443. This works:

http://myserver.com:xxxx/yada/yada/yada

This does not work:

https://myserver.com:xxxx/yada/yada/yada

Nothing in the server instance httpd.conf seems to be related,
other
than
the listen port of xxxx.

I also can't find discussion of this in the XMLHttpRequest docs
at:

https://xhr.spec.whatwg.org/

I can control both the client and server side, so one option would
be
for me
to do my own encrypt / decrypt (and EBDIC conversion) and pass
binary
data
instead of trying to piggy back off https support.

But is there a way to have the web service traffic just take
advantage
of the
HTTPS support?
--
This is the RPG programming on the IBM i (AS/400 and iSeries)
(RPG400-L)
mailing list To post a message email: RPG400-L@xxxxxxxxxxxx To
subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx Before posting, please
take
a moment to review the archives at
http://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our
affiliate
link: http://amzn.to/2dEadiD
--
This is the RPG programming on the IBM i (AS/400 and iSeries)
(RPG400-L) mailing list To post a message email:
RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx Before posting, please take
a
moment to review the archives at
http://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our
affiliate
link: http://amzn.to/2dEadiD

--
This is the RPG programming on the IBM i (AS/400 and iSeries)
(RPG400-L)
mailing list To post a message email: RPG400-L@xxxxxxxxxxxx To
subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: http://amzn.to/2dEadiD


------------------------------

Subject: Digest Footer

--
This is the RPG programming on the IBM i (AS/400 and iSeries) (RPG400-L) digest list To post a message email: RPG400-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at http://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link:
http://amzn.to/2dEadiD

------------------------------

End of RPG400-L Digest, Vol 16, Issue 164
*****************************************

--
This is the RPG programming on the IBM i (AS/400 and iSeries) (RPG400-L) mailing list To post a message email: RPG400-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at http://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: http://amzn.to/2dEadiD

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.