| Note |
|---|
If you are running IBM i 7.4 and have your Profound UI instance configured to use SSL, please see here. |
...
- Buy a certificate from a vendor like VeriSign or Thawte – this is appropriate for public Internet applications.
- Create your own certificate – this may be appropriate if your users are predominantly internal. By default, browsers will not recognize you as a trusted certificate authority. You have several options for addressing this:
- Instruct users to ignore the browser’s warning message
- Install a local certificate authority (CA) certificate on the end-user’s PC
Ordering a certificate from a trusted vendor like VeriSign
...
, Thawte, or Let's Encrypt
The first step is to create a Certificate Signing Request (CSR). The certificate vendor will need this in order to create your certificate.
...
- This will bring up the CSR form. The important fields are:
- Key size: use the size recommended by the certificate vendor.
- Common Name: Here, you must give the exact host/domain name that users will type into browser address bar to access the site. The browser will give an error/warning message if the host/domain name used to access the site does not match exactly to the certificate Common Name. For example: www.mydomain.com
...
When asked for the port number, you can leave the port to the non-SSL port even if you have two ports listening.
SSL with IBM i 7.4
Due to a bug in IBM i 7.4, customers may receive an Internal Server Error message when using SSL with Profound UI.
To fix this error, please install PTF SI70862 (provided by IBM). You can find more information about this PTF here.