Difference between revisions of "Using secured connections"
m (Alexei.baranov moved page SSL conections secure to Using secured connections without leaving a redirect) |
Pavel.lobko (talk | contribs) |
||
| (6 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | {{DISPLAYTITLE: | + | {{DISPLAYTITLE:Using secured connections}} |
i2Rest Server uses standard [https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_71/apis/unix9a.htm IBM i GSK API] to protect connections. | i2Rest Server uses standard [https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_71/apis/unix9a.htm IBM i GSK API] to protect connections. | ||
;Step 1 | ;Step 1 | ||
| − | :Create text file named I2RESTECHO.PCML anywhere on IFS, for example "/tmp/PCML/i2restecho.pcml". Copy and paste following code. It represents a description for the sample program I2RESTECHO, that is included into i2Rest Server installation for demonstration purposes: | + | :''This step is the same as in the basic example. You can skip this step if you've done the basic scenario.''<br/>Create text file named I2RESTECHO.PCML anywhere on IFS, for example "/tmp/PCML/i2restecho.pcml". Copy and paste following code. It represents a description for the sample program I2RESTECHO, that is included into i2Rest Server installation for demonstration purposes: |
<pre> | <pre> | ||
<pcml version="1.0"> | <pcml version="1.0"> | ||
| Line 13: | Line 13: | ||
</pre> | </pre> | ||
;Step 2 | ;Step 2 | ||
| − | : | + | :Follow instructions to create [[Create_Server_Application|DCM Server Application]], it will be used to supply parameters for secure connections to i2Rest gates. |
;Step 3 | ;Step 3 | ||
| − | : | + | :Follow instructions to create [[Create_Client_Application|DCM Client Application]], it will be used to submit sessions, that will use secured connections with session gate. |
;Step 4 | ;Step 4 | ||
| − | :Contact your system administrator for your IBM i server host name (or IP) and '' | + | :Contact your system administrator for your IBM i server host name (or IP) and ''three'' available ports for "main", "management" and "session" gates of your i2Rest Server instance. Create file config.json (you can name it with any name and put it into any available IFS folder). Сopy and paste the snippet bellow. Replace with appropriate values highlighted with <b>bold</b> parts: host_name, ports, pcml_file, dcm_server_id, dcm_client_id.<br/>For clarity, differences with [[I2Rest_quick_config|Basic configuration]] are highlighted in <span style="background:#D3D3D3;">gray</span>: |
| − | [[I2Rest_quick_config|Basic configuration]] | ||
{ | { | ||
"gates": | "gates": | ||
| Line 49: | Line 48: | ||
] | ] | ||
} | } | ||
| − | + | ||
| + | Secured i2Rest Server is ready to [[I2Rest_Start|start]].<br/> | ||
Latest revision as of 14:08, 9 July 2020
i2Rest Server uses standard IBM i GSK API to protect connections.
- Step 1
- This step is the same as in the basic example. You can skip this step if you've done the basic scenario.
Create text file named I2RESTECHO.PCML anywhere on IFS, for example "/tmp/PCML/i2restecho.pcml". Copy and paste following code. It represents a description for the sample program I2RESTECHO, that is included into i2Rest Server installation for demonstration purposes:
<pcml version="1.0">
<program name="echo" path="/QSYS.LIB/%LIBL%.LIB/I2RESTECHO.PGM">
<data name="echo" usage="inputoutput" type="char" length="10" trim="both"/>
</program>
</pcml>
- Step 2
- Follow instructions to create DCM Server Application, it will be used to supply parameters for secure connections to i2Rest gates.
- Step 3
- Follow instructions to create DCM Client Application, it will be used to submit sessions, that will use secured connections with session gate.
- Step 4
- Contact your system administrator for your IBM i server host name (or IP) and three available ports for "main", "management" and "session" gates of your i2Rest Server instance. Create file config.json (you can name it with any name and put it into any available IFS folder). Сopy and paste the snippet bellow. Replace with appropriate values highlighted with bold parts: host_name, ports, pcml_file, dcm_server_id, dcm_client_id.
For clarity, differences with Basic configuration are highlighted in gray:
{
"gates":
{
"main" : {"url":"https://<host_name>[:port](for example api.i2rest.com:1234)", "dcm_server_id":"<dcm server id>(for example MYSERVER)"},
"management" : {"url":"https://<host_name>[:port](for example api.i2rest.com:4321)", "dcm_server_id":"<dcm server id>(for example MYSERVER)"},
"session" : {"url":"https://<host_name>[:port](for example api.i2rest.com:5678)", "dcm_server_id":"<dcm server id>(for example MYSERVER)"}
},
"session_systems":
[
{ "name" : "*ANONYMOUS",
"submit" : "SBMJOB JOB(I2RESTA) \
USER(${user}) \
CMD(CALL I2REST \
PARM('-session' \
'-url' '${surl}' \
'-uid' '${uid}' \
'-dcm_client_id' 'dcm_client_id(for example MYCLIENT)' \
'-user' '${user}')) \
INLLIBL(I2REST)"
}
],
"pcmls":
[
{
"pcml_mount" : "echo",
"pcml_file" : "<complete name of i2restecho.pcml on IFS (for example /tmp/PCML/i2restecho.pcml)>",
"valid_in_anonymous" : true
}
]
}
Secured i2Rest Server is ready to start.
