×

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.



  1.  Home
  2. WEB400
  3. August 2006

Re: Book to implement SSL

This isn't what he's trying to do. All he's trying to do is setup SSL
for his web server. There's no need to write a program to do this.

Matt 

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of Niels Liisberg
Sent: Wednesday, August 02, 2006 11:33 PM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] Book to implement SSL

Hi Pugazh;

If you are doing it the programmatic way you have (at least) two choices
- 
GSK or plain SSL. I have used the last (ssl.h) and it has all I require:

Besides you only have to initialize the SSL with a certificate from the 
certificate store on your system i - you can find that by referring to
your 
system i in a browser and the port 2001 like

http://MySystemI:2001

and create a certificate. Place it under 
/QIBM/USERDATA/ICSS/CERT/CERTAUTH/DEFAULT.KDB  - and then you are good
to 
go.

You have at least five algorithms to provide when you are doing SSL - I
use 
the RSA version RC4/128 bit which has enough strength and is fast at the

same time .....

In IceBreak the underlying code looks like:

if (svr00r.SVPROT != PROTOCOL_HTTPS) {
    http.pSsl = SSL_Create(Socket , SSL_DONT_ENCRYPT);
} else {
   SSLInit sslinit;
   USHORT cipher = SSL_RSA_WITH_RC4_128_SHA;
   svr00r.SVCEPF.data[svr00r.SVCEPF.len] =0;
   if (BeginsWith(svr00r.SVCEPF.data , "*DFT")) {
      sslinit.keyringFileName    = 
"/QIBM/USERDATA/ICSS/CERT/CERTAUTH/DEFAULT.KDB";
   } else {
      sslinit.keyringFileName    = svr00r.SVCEPF.data;
   }
   svr00r.SVCEPW.data[svr00r.SVCEPW.len] =0;
   sslinit.keyringPassword    = svr00r.SVCEPW.data;
   sslinit.cipherSuiteList    = &cipher;
   sslinit.cipherSuiteListLen = 1;
   rc = SSL_Init(&sslinit);
   if (rc < 0) {
      trace ( "SSL initialization failed reason %d error: %s", rc, 
strerror(errno)) ;
   }
   http.pSsl = SSL_Create(Socket , SSL_ENCRYPT);
/* set up parameters for handshake */
   http.pSsl->protocol = 0;
   http.pSsl->timeout = 0;
   http.pSsl->cipherSuiteList = &cipher;
   http.pSsl->cipherSuiteListLen = 1;
   rc = SSL_Handshake(http.pSsl, SSL_HANDSHAKE_AS_SERVER);
   if (rc < 0) {
       trace ("SLL Handshake failed reason %d Error: %s", rc, 
strerror(errno));
   }
}



Finaly you have to terminate the SSL with SLL_Destroy ....



----- Original Message ----- 
From: "Pugazh" <sapugazh@xxxxxxxxx>
To: <web400@xxxxxxxxxxxx>
Sent: Thursday, August 03, 2006 4:12 AM
Subject: [WEB400] Book to implement SSL



Guys,

Can any of you recommend any easy to follow books that
will help me implement SSL for my website, I need to
start completely from scratch?

Thnx


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-- 
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.