Interesting again. I think for me, using Let's Encrypt was the fast path since the CA for Let's Encrypt is well known and has been in the Java keystore for quite some time (or maybe I added it long ago). So that may have led to an easier implementation for me.

Good write-up with helpful info.

Pete Helgren
www.petesworkshop.com
GIAC Secure Software Programmer-Java
GIAC Cloud Penetration Tester
AWS Certified Cloud Practitioner
Microsoft Certified: Azure Fundamentals

On 1/17/2024 11:41 AM, Jack Woehr via MIDRANGE-L wrote:
GOT IT WORKING gasp pant phew.

1. I had to add the keystore password manually to
/QIBM/UserData/OS/ADMININST/admin1/wlp/usr/servers/admin1/server.env
- keystore_password=vad_som_helst

I don't know why I had to do this manually, but after I did this, Navigator
came up on 2003 with TLS.

BUT THEN I COULDN'T CONNECT TO THE SERVER FROM iNAVIGATOR! ARGH!

Here's what I discovered.

1. The instructions for using TLS to connect Navigator to the host
server threads are here
<https://www.ibm.com/docs/en/i/7.5?topic=options-setting-up-tls-encryption#rzat10tlsencryption__browser_conn_navigator>.
2. I had done this prior to setting up Navigator itself for TLS. <<
Don't do this!
3. When TLS is activated for the Navigator itself, apparently only then
the setup for TLS->the host server threads used by iNavigator is activated!
4. The TLS setup for iNavigator itself *uses the DCM keystore*.
5. The TLS setup for iNavigator to connect to the host server threads *uses
the Java keystore*.
6. Our setup has a self-signed certificate whose self-signed CA is not
in the Java keystore.
7. So when I activated TLS correctly (by manually adding the DCM
keystore password to server.env) that activated the TLS connection to the
host server threads, which *did not work* because the self-signed
certificate (or its self-signed CA) is not in the Java keystore.

Anyway, I'm up and running now. Thanks everyone for the help and
encouragement!
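
The failure in points 6 and 7 can be confirmed from the Java side with a small check. This is an added example, not code from either poster or from IBM: the class name `JavaTrustCheck` is hypothetical, the host and TLS port are arguments you supply, and it assumes it is run with the same JVM (and therefore the same default truststore) as the client that fails.

```java
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class JavaTrustCheck {  // hypothetical name, added example
    // Trust manager backed by the JVM's default truststore (normally cacerts).
    static X509TrustManager jvmDefault() throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null);  // null selects the default truststore
        for (TrustManager tm : tmf.getTrustManagers())
            if (tm instanceof X509TrustManager) return (X509TrustManager) tm;
        throw new IllegalStateException("no X509TrustManager available");
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 2) {  // host and port are supplied by the reader
            System.err.println("usage: java JavaTrustCheck <host> <tls-port>");
            System.exit(2);
        }
        X509TrustManager jvm = jvmDefault();
        // Prints the chain the server presents, then applies the JVM's normal
        // validation unchanged, so an untrusted chain still fails the handshake.
        X509TrustManager recording = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] c, String t)
                    throws CertificateException { jvm.checkClientTrusted(c, t); }
            public void checkServerTrusted(X509Certificate[] c, String t)
                    throws CertificateException {
                for (X509Certificate x : c)
                    System.out.println("subject=" + x.getSubjectX500Principal()
                            + "\n issuer=" + x.getIssuerX500Principal());
                jvm.checkServerTrusted(c, t);
            }
            public X509Certificate[] getAcceptedIssuers() { return jvm.getAcceptedIssuers(); }
        };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { recording }, null);
        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory()
                .createSocket(args[0], Integer.parseInt(args[1]))) {
            s.startHandshake();
            System.out.println("OK: chain validates against the Java truststore");
        } catch (SSLException e) {  // a certificate path error here matches point 7
            System.out.println("HANDSHAKE FAILED: " + e.getMessage());
        }
    }
}
```

The printed issuer is the CA that has to be present in the Java truststore for the handshake to succeed; the check covers chain trust only, not hostname matching.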
