Good morning.
I am working on trying to establish a connection between an iSeries 7.3 system and SLES 15 using a Remote Outqueue and the CUPSD/LPD Listener on the SLES Server and everything appears to be communicating as they are seeing a TLS error on their side, when I release a document from the Remote Outqueue.
So, they generated and provided a .pfx file for the certificate/key pair (self-signed) and when I attempted to import it via DCM, it's saying that I need a CA and that one is not present.
Shouldn't the CA be a part of that .pfx file or am I missing something?
I have no experience with setting up Certificate and Key pairs in IBM i, so I would appreciate any assistance or even a beginner's Guide on using this.
I've installed certificates in other Operating systems and even on Web Servers and I've never encountered so much difficulty with something like this.
This is the error that I'm encountering when attempting to import the .pfx file into the *SYSTEM Certificate Store:
"The Certificate Authority (CA) certificate containing the public key needed for certificate validation may not exist in the certificate store."
If I attempt to import the extracted .crt or .key file in, I get a CCSID error and I did FTP these files to the IFS. I've tried changing the object properties to CCSID 1208 for both files and the .pfx was uploaded as BIN.
I also have a .pem file, which worked fine with our EDI system (for testing valid certificate data), however I get the CA related error when trying to import it through DCM (*SYSTEM)
Thank you,
Randy Stevenson
MWI Animal Health
------------------------------
Randy Stevenson
------------------------------