|
This isn't what he's trying to do. All he's trying to do is setup SSL for his web server. There's no need to write a program to do this. Matt -----Original Message----- From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of Niels Liisberg Sent: Wednesday, August 02, 2006 11:33 PM To: Web Enabling the AS400 / iSeries Subject: Re: [WEB400] Book to implement SSL Hi Pugazh; If you are doing it the programmatic way you have (at least) two choices - GSK or plain SSL. I have used the last (ssl.h) and it has all I require: Besides you only have to initialize the SSL with a certificate from the certificate store on your system i - you can find that by referring to your system i in a browser and the port 2001 like http://MySystemI:2001 and create a certificate. Place it under /QIBM/USERDATA/ICSS/CERT/CERTAUTH/DEFAULT.KDB - and then you are good to go. You have at least five algorithms to provide when you are doing SSL - I use the RSA version RC4/128 bit which has enough strength and is fast at the same time ..... In IceBreak the underlying code looks like: if (svr00r.SVPROT != PROTOCOL_HTTPS) { http.pSsl = SSL_Create(Socket , SSL_DONT_ENCRYPT); } else { SSLInit sslinit; USHORT cipher = SSL_RSA_WITH_RC4_128_SHA; svr00r.SVCEPF.data[svr00r.SVCEPF.len] =0; if (BeginsWith(svr00r.SVCEPF.data , "*DFT")) { sslinit.keyringFileName = "/QIBM/USERDATA/ICSS/CERT/CERTAUTH/DEFAULT.KDB"; } else { sslinit.keyringFileName = svr00r.SVCEPF.data; } svr00r.SVCEPW.data[svr00r.SVCEPW.len] =0; sslinit.keyringPassword = svr00r.SVCEPW.data; sslinit.cipherSuiteList = &cipher; sslinit.cipherSuiteListLen = 1; rc = SSL_Init(&sslinit); if (rc < 0) { trace ( "SSL initialization failed reason %d error: %s", rc, strerror(errno)) ; } http.pSsl = SSL_Create(Socket , SSL_ENCRYPT); /* set up parameters for handshake */ http.pSsl->protocol = 0; http.pSsl->timeout = 0; http.pSsl->cipherSuiteList = &cipher; http.pSsl->cipherSuiteListLen = 1; rc = SSL_Handshake(http.pSsl, SSL_HANDSHAKE_AS_SERVER); if (rc < 0) { trace ("SLL Handshake failed reason %d Error: %s", rc, strerror(errno)); } } Finaly you have to terminate the SSL with SLL_Destroy .... ----- Original Message ----- From: "Pugazh" <sapugazh@xxxxxxxxx> To: <web400@xxxxxxxxxxxx> Sent: Thursday, August 03, 2006 4:12 AM Subject: [WEB400] Book to implement SSL
Guys, Can any of you recommend any easy to follow books that will help me implement SSL for my website, I need to start completely from scratch? Thnx __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- This is the Web Enabling the AS400 / iSeries (WEB400) mailing list To post a message email: WEB400@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/web400 or email: WEB400-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/web400.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.