Is there any way to share server certificates between SSLSERV and other applications on the same VM system? (In my case the other application is
Illustro z/Web Server for VM.) Do I have to order a separate certificate for each? (Costs $$$.) Essentially, a certificate just certifies a particular domain, so why should I need two of them? I could use the SSLSERV to provide SSL services to the z/Web server, but since the SSLSERV encryption is transparent to the application, there doe s not appear to be any way for an application (CGI) running on the web server to obtain information on the client certificate, or even to know whether the interaction is encrypted (HTTPS) instead of not (HTTP). Does SSLSERV even support client certificates? Does it support HTTPS instead o f HTTP? Given this, I think I have to keep using the SSL support in z/Web server. If I understand this correctly, to get certificate(s) for SSLSERV, I have to do this: 1. Create 'label X509INFO' file. 2. Create the certificate request: ssladmin request label keysize fm 3. Send the certificate request to the CA. 4. Receive server certificate and CA certificates from CA. 5. Receive the certificate into CMS file(s) with a file type of X509CERT. 6. Store any separate CA certificates in the certificates in the certificate database: ssladmin store fn ca label 7. Store the server certificate: ssladmin store fn server I believe the 'request' command stores a 'request' item in the database, and then the 'store fn server' commands associates the server certificate item with the request item. It's this 'association' that is the problem. Is there any way to install a 'request' item from somewhere else into the SSLSERV database? z/Web server has an identical process, except that it uses a web page instead of commands. (The underlying commands do exist, though.) Alan Ackerman Alan (dot) Ackerman (at) Bank of America (dot) com
