Re: Book to implement SSL -- WEB400

The certificate authority's digital ID needs to be in the certificate
store. All the IDs are already there for Verisign's regular IDs, and
other major vendors. Unfortunatly the Verisign trial ID has to be
manually imported into your certificate store in DCM.


-Sarah


On 8/6/06, Pugazh <sapugazh@xxxxxxxxx> wrote:

Guys,

Thank you very much for the information, I did create
the request obtained the trial SSL certificate from
verisign then imported it.

But this is the error msg "An error occurred during
certificate validation. The issuer of the certificate
may not be in the certificate store or the issuer may
not be enabled. " I am getting, Can anyone help?

Thnx
Puga

--- Matt.Haas@xxxxxxxxxxx wrote:

> I don't think there's an easy to follow book but
> here's what you need to
> do (at a high level):
>
> - Install Digital Certificate Manager and
> Cryptographic Access Providers
> (you should also install cumes and group PTF's if
> these were not already
> installed).
> - Create an SSL certificate (there are instructions
> in the InfoCenter on
> this)
> - Use the web admin GUI to set up SSL. It will set
> it up inappropriately
> but it will create an SSL application id. Copy the
> SSL related lines
> that were added to your configuration and delete
> them.
> - Assign the certificate to the just created
> application id.
> - You now have a decision to make on how to set this
> up. You can either
> use virtual hosts or separate instances. In either
> case, you'll need to
> put the SSL related lines you removed from your
> configuration back into
> whatever is handling port 443 traffic.
>
> Two things to keep in mind with this:
>
> - The port of Apache that runs on OS/400 does not
> use OpenSSL so you can
> ignore any generic Apache instructions related to
> OpenSSL.
> - You can only have one SSL certificate per IP
> address. Plan
> accordingly.
>
> Matt
>
> -----Original Message-----
> From: web400-bounces@xxxxxxxxxxxx
> [mailto:web400-bounces@xxxxxxxxxxxx]
> On Behalf Of Pugazh
> Sent: Wednesday, August 02, 2006 10:13 PM
> To: web400@xxxxxxxxxxxx
> Subject: [WEB400] Book to implement SSL
>
> Guys,
>
> Can any of you recommend any easy to follow books
> that
> will help me implement SSL for my website, I need to
> start completely from scratch?
>
> Thnx
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam
> protection around
> http://mail.yahoo.com
> --
> This is the Web Enabling the AS400 / iSeries
> (WEB400) mailing list
> To post a message email: WEB400@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit:
> http://lists.midrange.com/mailman/listinfo/web400
> or email: WEB400-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the
> archives
> at http://archive.midrange.com/web400.
>
>
> --
> This is the Web Enabling the AS400 / iSeries
> (WEB400) mailing list
> To post a message email: WEB400@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit:
> http://lists.midrange.com/mailman/listinfo/web400
> or email: WEB400-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the
> archives
> at http://archive.midrange.com/web400.
>
>


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.