Thx Patrick.

I can agree/discover their are hoops to jump through because they are free and still explore the cheap route. :) If I didn’t I may be doing myself an injustice.

Anyhow, yep I know those basics you lined out.

Looks like I’ll just need to “buy” a cert to instill the “trust” among servers. I really do think my research has led me to this conclusion.

Thx for the input.

Jay

On Aug 1, 2020, at 11:23 AM, Patrik Schindler <poc@xxxxxxxxxx> wrote:

Hello Jay,

Am 01.08.2020 um 16:17 schrieb Jay Vaughn <jeffersonvaughn@xxxxxxxxx>:

I hear you on the get what you pay for part of it!

IBM i yearly rent seems enough that wholesome support for Letsencrypt-Certs without any DNS-tweaking from IBM is easily justified. Besides, you were the first one bringing up the Letsencrypt topic. ;-)

Reviewing your OP: Letsencrypt does *not* support intermediate certs to be signed. Only for end devices.

I have a web app I want to make api requests to IBMi. I can produce the cert with DCM and export to .pfx for client (And that works) but don’t want to have to be manual effort to apply that .pfx cert to all clients that visit website. Make sense?

This is what CAs are for. You give a Certificate Request to the CA for signing and approving that the key is legit. All clients having the CA's certificate will then accept the (signed) certificate.

pfx is just a container for either the Request, the (signed) cert, or the private key (which you should never give out to anyone).

:wq! PoC

PGP-Key: DDD3 4ABF 6413 38DE - https://www.pocnet.net/poc-key.asc


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.