What he said! Also: this is not difficult. IBM should make it clear what root certificate they require. Make sure you get it right -- not just "a DigiCert root" -- DigiCert has about ten different roots, so get the specific name. The names are similar -- often differing only by one word or "G3" versus "G2."
Certificate Authorities do not charge (in my experience) for root certificates. Just go to DigiCert's (or whoever's) Web site and find their downloadable root certificates, get the right one, install it on your system and mark it trusted. If they have a choice of formats, my preference is "PEM" format -- you can cut and paste it with an editor. (Others have different opinions.) We are talking a few thousand bytes. There is a whole body of IBM-MAIN threads and other Web education on how to install a certificate. Charles On Thu, 20 Mar 2025 14:59:44 +0000, Colin Paice <[email protected]> wrote: >Can I spell it out a different way. > >Your client can check the validity of the server's certificate, and make >sure it is IBM you are connected to. >To do this, you need a CA certificate matching the IBM server's >certificate. Most machines have a wide selection, and so this should not be >a problem. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
