[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cert from webservice

To: <ftpapi@xxxxxxxxxxxxx>
Subject: Re: cert from webservice
From: "Jay Peasley" <jpeasley@xxxxxxxxxxx>
Date: Wed, 16 Nov 2005 18:25:46 -0500
References: <20051006145838.E12940@grungy.dstorm.net><01dc01c5eafc$196dc690$1e977347@NetvistaJay><20051116164651.B48914@grungy.dstorm.net>
Reply-to: ftpapi@xxxxxxxxxxxxx
Sender: owner-ftpapi@xxxxxxxxxxxxx

Sender: "Jay Peasley" <jpeasley@xxxxxxxxxxx>

Scott,

When I imported the certificate DCM placed it as a CA cert, though I was in
manage client applications at the time. When I try to update the certificate
assignment for a client application, the list of available certificates are
ones specific to the iSeries and not from any CA.

YourPay is sending us a self signed cert that they want to be sent with the
SSL transaction, not a cert signed by a CA for the server. If http-api uses
DCM to get the cert and I can't specify a CA cert for a client application,
then I am kinda stuck.

There is a Java wrapper that will purportedly do this, but I am unsure if
the iSeries flavor of it will work. I also don't know Java.

I hope this explains it.

Jay

----- Original Message ----- 
From: "Scott Klement" <sk@xxxxxxxxxxxxxxxx>
To: <ftpapi@xxxxxxxxxxxxx>
Sent: Wednesday, November 16, 2005 5:48 PM
Subject: Re: cert from webservice


> Sender: Scott Klement <sk@xxxxxxxxxxxxxxxx>
>
>
>
> > We are trying to connect to YourPay.com for credit card validation. They
> > sent a PEM file that they want to use to certify the connection with
them.
> > They do not want to trust our signed cert. I converted the PEM cert to a
P12
> > cert with opoenSSL and imported it to DCM. Unfortunately DCM won't
attach it
> > to a client application.
>
> What do you mean by "won't attach it to a client application"?  Do you get
> an error message?  What does it say?
>
>
> > Is there any way in HTTP-API to manually attach the cert used for an
> > application?
>
> HTTPAPI doesn't perform it's own cryptography.  Instead, it uses the SSL
> engine that's built in to OS/400.  Unfortunately, that means you have to
> use the operating system's interfaces (that is, the DCM) to configure your
> certificates.
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list.  To unsubsribe from the list send mail
> to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
> -----------------------------------------------------------------------
>


-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------

Follow-Ups:
- Re: cert from webservice
  - From: Scott Klement

References:
- cert from webservice
  - From: Jay Peasley
- Re: cert from webservice
  - From: Scott Klement

Prev by Date: Re: cert from webservice
Next by Date: Re: cert from webservice
Previous by thread: Re: cert from webservice
Next by thread: Re: cert from webservice
Index(es):
- Date
- Thread