Re: SSL_Handshake() returns -23 not signed by a trusted

[Tim Bronski <tim.bronski@xxxxxxxxx>]

You have to provide a server certificate/key. It's what ssl on the ibm i 
requires you to do even though you dont HAVE to have one to get ssl to 
work. You can either do that by creating an application and linking a 
server cert to it or you can give the path to the file directly. If you 
use the *ssl_init_application* api you have to provide an application 
name. If you use the *ssl_init* api instead you can provide the 
cert/keyring file name directly. You can use the default one 
e.g.*sslinit.keyringFileName =  
"/QIBM/USERDATA/ICSS/CERT/SERVER/DEFAULT.KYR" with 
sslinit.keyringPassword = NULL;

*
On 11/14/2013 12:38 AM, bbresc512@xxxxxxxxxx wrote:
> Hi Tim,
> Thanks a lot! I just now came around to try it and it worked.
>
> Also, SSL_Init_Application() seems to require application ID. Is there a way
> to avoid registering application? I don't want to use client certificate. I
> just want to encrypt the communication.
>
> Thanks
> Boris.
>
> -----Original Message-----
> From: c400-l-bounces@xxxxxxxxxxxx [mailto:c400-l-bounces@xxxxxxxxxxxx] On
> Behalf Of c400-l-request@xxxxxxxxxxxx
> Sent: Thursday, October 24, 2013 1:00 PM
> To: c400-l@xxxxxxxxxxxx
> Subject: C400-L Digest, Vol 11, Issue 31
>
> Send C400-L mailing list submissions to
> 	c400-l@xxxxxxxxxxxx
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://lists.midrange.com/mailman/listinfo/c400-l
> or, via email, send a message with subject or body 'help' to
> 	c400-l-request@xxxxxxxxxxxx
>
> You can reach the person managing the list at
> 	c400-l-owner@xxxxxxxxxxxx
>
> When replying, please edit your Subject line so it is more specific than
> "Re: Contents of C400-L digest..."
>
>
> Today's Topics:
>
>     1. Re: SSL_Handshake() returns -23 not signed by a trusted
>        certificate authority (Tim Bronski)
>
>
> ----------------------------------------------------------------------
>
> message: 1
> date: Wed, 23 Oct 2013 21:05:44 +0200
> from: Tim Bronski <tim.bronski@xxxxxxxxx>
> subject: Re: [C400-L] SSL_Handshake() returns -23 not signed by a
> 	trusted certificate authority
>
> You need to create a function for the handshake and set the ssh handle
> (psslh) member exitPgm to the function address :
>     psslh -> exitPgm = &SSLcertCheck;
>
> where SSLcertCheck has this prototype
> int SSLcertCheck (SSLHandle *);
>
> and returns 1 like this:
>
> int SSLcertCheck (SSLHandle *sslh)
> {
>     return 1;
>    }
>
> On 10/23/2013 4:18 PM, bbresc512@xxxxxxxxxx wrote:
> > Hi Everybody,
> >
> > Is there a way to avoid SSL_Handshake return "not signed by a trusted
> > certificate authority" error? I don't really care if it's not trusted.
> > I just want to encrypt the connection.
> >
> >    
> >
> > Thanks
> >
> > Boris.
> >
> >    
> >
> >    
> --
> Need secure FTP? Download your native sFTP solution here:
> www.arpeggiosoftware.com
>
>
> ------------------------------