ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzab6_5.4.0.1/cssl.htm

84 lines
5.6 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Secure sockets" />
<meta name="abstract" content="Currently, i5/OS supports two methods of creating secure socket applications on the iSeries. The SSL_ APIs and Global Secure Toolkit (GSKit) APIs provide communications privacy over an open communications network, which in most cases is the Internet." />
<meta name="description" content="Currently, i5/OS supports two methods of creating secure socket applications on the iSeries. The SSL_ APIs and Global Secure Toolkit (GSKit) APIs provide communications privacy over an open communications network, which in most cases is the Internet." />
<meta name="DC.Relation" scheme="URI" content="aconcepts.htm" />
<meta name="DC.Relation" scheme="URI" content="cgskit.htm" />
<meta name="DC.Relation" scheme="URI" content="cssl2.htm" />
<meta name="DC.Relation" scheme="URI" content="ssltrouble.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2001, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2001, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="cssl" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Secure sockets</title>
</head>
<body id="cssl"><a name="cssl"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Secure sockets</h1>
<div><p>Currently, i5/OS™ supports two methods of creating secure socket
applications on the iSeries™. The SSL_ APIs and Global Secure Toolkit
(GSKit) APIs provide communications privacy over an open communications network,
which in most cases is the Internet.</p>
<p>These APIs allow client/server applications to communicate
in a way that is designed to prevent eavesdropping, tampering, and message
forgery. Both support server and client authentication and both allow an application
to use Secure Sockets Layer (SSL) protocol. However, GSKit APIs are supported
across all IBM<sup>®</sup> <span><img src="eserver.gif" alt="eServer" /></span> platforms, while the SSL_
APIs only exist in the i5/OS operating system. To enhance portability across
platforms, it is recommended that you use GSKit APIs when developing applications
for secure socket connections.</p>
<div class="section"><h4 class="sectiontitle">Overview of secure sockets</h4><p>Originally developed
by Netscape, Secure Sockets Layer (SSL) protocol is a layered protocol that
is intended to be used on top of a reliable transport such as Transmission
Control Protocol (TCP) to provide secure communications for an application.
A few of the many applications that require secure communications are HTTPs,
FTPs, SMTP, and TELNETs.</p>
<p>An SSL-enabled application typically needs
to use a different port than an application that is not SSL-enabled. For example,
an SSL-enabled browser accesses an SSL-enabled Hypertext Transfer Protocol
(HTTP) server with a Universal Resource Locator (URL) that begins "HTTPs"
rather than "HTTP." In most cases, a URL of "HTTPs" attempts to open a connection
to port 443 of the server system instead of to port 80 that the standard HTTP
server uses. </p>
<p>There are multiple versions of the SSL
protocol defined. The latest version, Transport Layer Security (TLS) Version
1.0, provides an evolutionary upgrade from SSL Version 3.0. Both SSL_ APIs
and the GSKit APIs support TLS Version 1.0, TLS Version 1.0 with SSL Version
3.0 compatibility, SSL Version 3.0, SSL Version 2.0, and SSL Version 3.0 with
2.0 compatibility. For more details on TLS Version 1.0, see <a href="http://www.rfc-editor.org" target="_blank">RFC 2246:
"Transport Layer Security"</a><img src="www.gif" alt="Link to IETF search page" />.</p>
</div>
</div>
<div>
<ul class="ullinks">
<li class="ulchildlink"><strong><a href="cgskit.htm">Global Secure ToolKit (GSKit) APIs</a></strong><br />
Global Secure ToolKit (GSKit) is a set of programmable interfaces that allow an application to be SSL enabled.</li>
<li class="ulchildlink"><strong><a href="cssl2.htm">SSL_ APIs</a></strong><br />
The SSL_ APIs allow programmers to create secure socket applications
on iSeries. </li>
<li class="ulchildlink"><strong><a href="ssltrouble.htm">Secure socket API error code messages</a></strong><br />
Use these steps to access information about the secure socket error code messages.</li>
</ul>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="aconcepts.htm" title="Advanced socket concepts go beyond a general discussion of what sockets are and how they work. They provide ways to design socket applications for larger and more complex networks.">Advanced socket concepts</a></div>
</div>
</div>
</body>
</html>