I am trying to enable TLS for Navigator in a V7R5 system with its HTTP Group at the latest level (16). According to this document, there should be an option to configure this by right-clicking on ADMIN1. But I only get 'Start' (grayed out because of course the service is started), 'Stop' and 'View log files'. 

Could this be because there is no Local CA added to Navigator? I added the *SYSTEM store, but I am still missing the TLS option. If it is the missing Local CA, which is the path and type for the Local CA? I am not seeing that in DCM.

Also, I know I could try to do this via the old method from the HTTP Admin server but I thought I'd give this a try. 

------------------------------
Alejandro Insfran Beloqui
------------------------------

Dear Alejandro

I see in the Technote you provided that you can use *SYSTEM DCM store as well.  So, no issue in this point if you already created a self-signed (Local) certificate in DCM.

After you applied the latest HTTP group PTF, did you check its application status with WRKPTFGRP to make sure it is applied fine?  Also did you try restarting HTTP Admin server yet?  

If you did both already, based on the fact that all Navigator for i functions are coded in JAVA, I suspect you need to apply latest group PTF for JAVA as well according to this statement "The Navigator for i PTFs are shipped in the HTTP group. It is recommended that you use the latest group PTF and also keep current on related PTF groups listed here:" which is from this Technote:  IBM Navigator for i - PTF Information at   https://www.ibm.com/support/pages/node/6486565

Before applying JAVA group PTF, I suggest you use this JDK in your IBM i :  64-bit Java™ 17 - 5770JV1 option 20 and also set the proper JAVA_HOME env var to ADDENVVAR ENVVAR(JAVA_HOME) VALUE('/QOpenSys/QIBM/ProdData/JavaVM/jdk17/64bit') LEVEL(*SYS) (then check with WRKENVVAR)  and then apply its latest JAVA group PTF.

Navigator for i also needs this component:  Java Toolbox & Extended Base Directory Support - 5770-SS1 option 3.

------------------------------
Satid S
------------------------------

Original Message:
Sent: Fri September 13, 2024 05:30 PM
From: Alejandro Insfran Beloqui
Subject: Missing options when trying to enable TLS for Navigator

I am trying to enable TLS for Navigator in a V7R5 system with its HTTP Group at the latest level (16). According to this document, there should be an option to configure this by right-clicking on ADMIN1. But I only get 'Start' (grayed out because of course the service is started), 'Stop' and 'View log files'. 

Could this be because there is no Local CA added to Navigator? I added the *SYSTEM store, but I am still missing the TLS option. If it is the missing Local CA, which is the path and type for the Local CA? I am not seeing that in DCM.

Also, I know I could try to do this via the old method from the HTTP Admin server but I thought I'd give this a try. 

------------------------------
Alejandro Insfran Beloqui
------------------------------

Unfortunately, the PTF for these changes is not yet available.  The documentation has preceded the release.  It will be approved in 10 days, on 9/26.  It will be in the HTTP group update scheduled for 9/30.  Sorry for the confusion.

------------------------------
Lora R Powell

IBM i – Systems
IBM Navigator for i & Performance on the web (PDI)
IBM i 7.5 Memo to Users
IBM Power Systems Development

Office: 30-2/ C204

Do the next right thing
Let's GO
------------------------------

Original Message:
Sent: Fri September 13, 2024 05:30 PM
From: Alejandro Insfran Beloqui
Subject: Missing options when trying to enable TLS for Navigator

I am trying to enable TLS for Navigator in a V7R5 system with its HTTP Group at the latest level (16). According to this document, there should be an option to configure this by right-clicking on ADMIN1. But I only get 'Start' (grayed out because of course the service is started), 'Stop' and 'View log files'. 

Could this be because there is no Local CA added to Navigator? I added the *SYSTEM store, but I am still missing the TLS option. If it is the missing Local CA, which is the path and type for the Local CA? I am not seeing that in DCM.

Also, I know I could try to do this via the old method from the HTTP Admin server but I thought I'd give this a try. 

------------------------------
Alejandro Insfran Beloqui
------------------------------

That would explain it. Thanks a lot Lora!

------------------------------
Alejandro Insfran Beloqui
------------------------------

Original Message:
Sent: Mon September 16, 2024 09:22 AM
From: Lora R Powell
Subject: Missing options when trying to enable TLS for Navigator

Unfortunately, the PTF for these changes is not yet available.  The documentation has preceded the release.  It will be approved in 10 days, on 9/26.  It will be in the HTTP group update scheduled for 9/30.  Sorry for the confusion.

------------------------------
Lora R Powell

IBM i – Systems
IBM Navigator for i & Performance on the web (PDI)
IBM i 7.5 Memo to Users
IBM Power Systems Development

Office: 30-2/ C204

Do the next right thing
Let's GO

Original Message:
Sent: Fri September 13, 2024 05:30 PM
From: Alejandro Insfran Beloqui
Subject: Missing options when trying to enable TLS for Navigator

I am trying to enable TLS for Navigator in a V7R5 system with its HTTP Group at the latest level (16). According to this document, there should be an option to configure this by right-clicking on ADMIN1. But I only get 'Start' (grayed out because of course the service is started), 'Stop' and 'View log files'. 

Could this be because there is no Local CA added to Navigator? I added the *SYSTEM store, but I am still missing the TLS option. If it is the missing Local CA, which is the path and type for the Local CA? I am not seeing that in DCM.

Also, I know I could try to do this via the old method from the HTTP Admin server but I thought I'd give this a try. 

------------------------------
Alejandro Insfran Beloqui
------------------------------