?
Solved

How do i setup SSL to connect to a web service using iseries Web Service Client for ILE?

Posted on 2008-10-28
1
Medium Priority
?
1,642 Views
Last Modified: 2013-12-06
I'm trying to connect to a web service using the iSeries Web Service Client for ILE.  I created the C stubs and was provided a self-signed SSL certificate for access to the remote web service.  I used Digital Certificate Manager (DCM) to import the self-signed (Trusted) SSL certificate.  It was imported as a certificate authority (CA) to the *SYSTEM certificate store.  Now that i'm trying to use the certificate that has been imported to connect to the remote server, when i get to the code axiscStubIncludeSecure, axiscStubSetSecure(stub, "/QIBM/USERDATA/ICSS/CERT/SERVER/DEFAULT.KDB", "<password>", "<label>", "NONE", "05", "NONE", 0); axiscStubIncludeSecure(stub);
 
it fails.. with the following error:
 
AXIS EXCEPTION: (                                                  
23                                                                  
)                                                                  
HTTPTransportException: HTTPS transport error.                      
GSKit Error is 428 - No certificate is available for SSL processing.

Unable to determine why the imported self-signed certificate authority is not available to the program?  Any insight would be greatly appreciated.
0
Comment
Question by:edrobjr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 33

Accepted Solution

by:
shalomc earned 2000 total points
ID: 22843164
the self signed certificate is installed in the wrong place.
I don't remember the details on iSeries, but here is an overview of certificate usage:

Every CA has its private CA certificate. It is used to sign other certificates, both for clients and for servers.

Every client that uses SSL must have a certificate. A self signed cert is usually good enough, unless you use PKI, in which case you will need a client certificate signed by a Certifcation Authority (CA).

Every server that uses SSL must have a certificate. A self signed cert is good for development and for internal applications. A certificate signed by a private organizational CA is better, and is a must if you use PKI. Public servers should use certificates signed and authorized by well known Certification Authorities to prevent phishing and to improve the user experience.

As I understand, you self issued a certificate for the client and then used it for the CA. Bad idea.

ShalomC

0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question