List of Contributions

Martin Fuerderer

Contact Details

My Content

1 to 20 of 26 total

RE: Informix IDS system requirements regarding libncurses 5 vs 6

Posted By Martin Fuerderer Mon September 18, 2023 08:41 AM
Found In Egroup: Informix \ view thread
I stand corrected regarding the symbolic link workaround for the libncurses version 5 vs. version 6 issue: My colleagues informed me, that the libncurses compatibility package is available for RedHat Linux 8, but not for RedHat Linux 9. And it looks like RedHat Tech Support themselves have suggested ...

RE: Informix IDS system requirements regarding libncurses 5 vs 6

Posted By Martin Fuerderer Tue September 12, 2023 04:26 AM
Found In Egroup: Informix \ view thread
Hi Sebastian, yes, I agree with you. Installing the compatibility package for libncurses is the correct way of resolving this issue. Creating a symbolic link as described on that page is a quick-and-dirty method that may be "just good enough" on a developer's machine, but certainly neither ...

RE: using SSL with Informix

Posted By Martin Fuerderer Tue August 01, 2023 07:02 PM
Found In Egroup: Informix \ view thread
Hi Mark, with such a big difference/distance between versions (of client and server), things are a bit confusing. Here are some basics: SSL and TLS (TLS basically being the successor of SSL) are protocols for secure (i.e. encrypted) communication. The two communication partners (server and client) ...

RE: Best way to synchronize tables via HTTPS

Posted By Martin Fuerderer Fri April 21, 2023 08:59 AM
Found In Egroup: Informix \ view thread
Hi Marc, as you are explicitly asking about such an old version, I digged in my notes (which once existed as "The NoSQL Blog" in IBM's developerWorks - until IBM decided to demolish developerWorks). I found the following description. Therefore, I'm not very sure about 12.10.xC3, as I had used 12.10.xC4 ...

RE: Data Masking in Informix

Posted By Martin Fuerderer Fri March 10, 2023 08:47 AM
Found In Egroup: Informix \ view thread
Hi Art, agree. The purpose for using masking should be clarified. I never used LBAC. It may provide a solution to some aspects of the requirement? I just know that setting up and using LBAC is not the easiest thing to do. Hi Andreas, I don't think that the intention of masking is to change ...

RE: Data Masking in Informix

Posted By Martin Fuerderer Fri March 10, 2023 04:39 AM
Found In Egroup: Informix \ view thread
Hi Vicente, I'm not sure about the hashing. I think, "masking" simply should not show any meaningful data, i.e. something like just "XXXX..." or the zero-digit for numerical data (possibly 0 for integers and 0.0 for decimals/floats). Wouldn't hashing make the data somewhat "readable"? Once ...

RE: V14.10.FC9 installer missing librarie(s)?

Posted By Martin Fuerderer Thu November 17, 2022 03:55 AM
Found In Egroup: Informix \ view thread
Hi Hvroje, > But file (original file to which link is created) exists: > ... > So IMHO link should be created anyway. Well, not really. Before creating the link, there is a check, whether the target library (libisi_gsk.so.2.2 in your case) is usable. With GSKit installation missing, libisi_gsk.so.2.2 ...

RE: AWS Snapshot and Informix IDS

Posted By Martin Fuerderer Fri June 24, 2022 06:40 AM
Found In Egroup: Informix \ view thread
From Greg's original description, I'm not sure whether he refers to "snapshots" as what is called "Amazon EBS snapshot" on this page: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-snapshot.html . If this is what Greg is asking about, then I think the Informix blocking can be released ...

RE: PAM/LDAP & Informix Authentication Methods

Posted By Martin Fuerderer Mon February 21, 2022 05:11 AM
Found In Egroup: Informix \ view thread
Hi Mark, PAM does not require LDAP. It's more the other way round: using an appropriate PAM module that implements LDAP, you can do LDAP authentication via PAM. PAM uses a rather generic API definition that lets you use different PAM modules for different authentication methods. Usually, PAM ...

RE: DBSERVERALIASES problematics with sqlhosts

Posted By Martin Fuerderer Wed October 27, 2021 05:42 AM
Found In Egroup: Informix \ view thread
Just to make this more transparent: - the database server instance gets the server names from the configuration parameters DBSERVERNAME and DBSERVERALIASES. - it then needs to find an entry for each of the given names in the sqlhosts file. - each of the sqlhosts entries tells the server, which ...

RE: zombie SQLERR 349

Posted By Martin Fuerderer Tue March 23, 2021 04:27 AM
Found In Egroup: Informix \ view thread
Hi, maybe "onstat -g ses " can give you a bit more information. Most likely, this is an application or user error, basically what the error description says: -349 Database not selected yet. This statement cannot be executed because no current database exists. Either no current database ...

RE: OpenSSL Bug in 14.10.xC5?

Posted By Martin Fuerderer Mon February 01, 2021 10:14 AM
Found In Egroup: Informix \ view thread
Hi, I noted, that your keystore files and password stash files have different file access rights: - The *.kdb file and corresponding *.sth password stash files are readable for everybody. This normally is sensible for the client keystore, as the client keystore normally only contains the certificates ...

RE: GSKit to OpenSSL replay now available

Posted By Martin Fuerderer Thu October 22, 2020 07:28 AM
Found In Egroup: Informix \ view thread
During the Q&A of the webinar session, there was a small confusion about whether the IBM Informix Server can use OpenSSL instead of GSKit. Clarification: IBM Informix Server always uses GSKit only. Even versions 14.10.xC4W1 and newer versions continue to always use GSKit. For the foreseeable future, ...

RE: need some help with onbar Veritas Netbackup (informix 7.31)

Posted By Martin Fuerderer Fri October 09, 2020 05:32 AM
Found In Egroup: Informix \ view thread
Hi Juan Luis, I think, you first need to figure out, how the backups were done: When the backups were done, was LTAPEDEV set to /dev/null? If that was the case, then logical log files were not (never) backed up, as Art Kagel already explained. In this case (LTAPEDEV set to /dev/null or ...

RE: Major Issues with Windows CSDK4.50.FC4W1

Posted By Martin Fuerderer Wed August 19, 2020 09:09 AM
Found In Egroup: Informix \ view thread
Hi Sebastien, I confirm your finding: the problem was caused by omitting the "-caname ..." option in the "openssl pkcs12 -export ..." command when creating the client side keystore. I did some additional digging and ... I admit, that before I was not aware of some peculiar behaviour of the ...

RE: Major Issues with Windows CSDK4.50.FC4W1

Posted By Martin Fuerderer Tue August 18, 2020 12:25 PM
Found In Egroup: Informix \ view thread
Hi Sebastien, I did some profound testing myself, just to be sure. That's why it took me quite a while to answer ... Please copy the file "net.iem" from the server installation to the corrsponding directory in the client installation - just as Javier already recommended. (This is a defect in ...

RE: Major Issues with Windows CSDK4.50.FC4W1

Posted By Martin Fuerderer Mon August 17, 2020 02:02 PM
Found In Egroup: Informix \ view thread
Hi Sebastien, hmm. Interesting. Using GSKit 8.0.55.12, I ran your commands (with my additional change), i.e. as follows: gsk8capicmd_64 -keydb -create -db idstoro2.kdb -pw fourjs -type pkcs12 -stash gsk8capicmd_64 -cert -create -db idstoro2.kdb -stashed -label ifx_encrypt \ -size 2048 -default_cert ...

RE: Major Issues with Windows CSDK4.50.FC4W1

Posted By Martin Fuerderer Mon August 17, 2020 11:58 AM
Found In Egroup: Informix \ view thread
Hi Sebastien, when creating your server certificate, can you please try with using the following parameters: "-ca true -sigalg SHA256WithRSA"? I.e., please replace your command gsk8capicmd_64 -cert -create -db idstoro2.kdb -stashed -label ifx_encrypt \ -size 2048 -default_cert yes -expire ...

RE: Major Issues with Windows CSDK4.50.FC4W1

Posted By Martin Fuerderer Mon August 17, 2020 10:31 AM
Found In Egroup: Informix \ view thread
Thanks, Javier! Yes, seen it and just responded. TIA, Martin --

RE: Major Issues with Windows CSDK4.50.FC4W1

Posted By Martin Fuerderer Mon August 17, 2020 10:14 AM
Found In Egroup: Informix \ view thread
Hi Sebastien, yes, the command you cited: openssl -pkcs12 -export -out client.p12 -passout pass:CLIENTPASSWD \ -in SSL_KEYSTORE_LABEL -file SSL_KEYSTORE_LABEL.cert.pem [ -caname LABEL ] is incorrect in the documentation. The correct command is: openssl pkcs12 -export -out client.p12 ...