HTTP client configuration file for SSL
You must create one or more Hypertext Transfer Protocol (HTTP) client configuration files for SSL and place them in
the /etc/ssl/httpc/ directory on the z/TPF system to establish a secure HTTP client session using SSL.
HTTP client configuration files must use the
following naming convention:
/etc/ssl/httpc/machine.conf,
where: - machine
- is the host name or IP address of the HTTP server to which a secure HTTP session will be
established. You can also create a default HTTP client
configuration file that will be used if a specific configuration file cannot be found for a given
HTTP session. The default configuration file must be called
/etc/ssl/httpc/httpc.conf.
You must specify the following parameters for the HTTP client configuration file for SSL:
- VERSION
- CIPHER
- VERIFYPEER.
The following parameters for the HTTP client
configuration file for SSL are optional:
- CAINFO
- is required only when you have specified YES for the VERIFYPEER parameter. Either the CAINFO or CAPATH parameter (or both) is required when the value of the VERIFYPEER parameter is set to YES.
- CAPATH
- is required only when you have specified YES for the VERIFYPEER parameter. Either the CAINFO or CAPATH parameter (or both) is required when the value of the VERIFYPEER parameter is set to YES.
- CERTIFICATE
- is specified if a client certificate will be used.
- CERTTYPE
- is required only when the CERTIFICATE parameter is specified.
- KEY
- is required only when the CERTIFICATE parameter is specified.
- KEYTYPE
- is required only when the CERTIFICATE parameter is specified.
Note: The USESSL parameter is ignored for the HTTP client configuration file for SSL.
# Example HTTP client configuration file
VERSION=TLSv1
CIPHER=DES-CBC3-SHA,AES128-SHA,AES256-SHA
VERIFYPEER=YES
CAINFO=/etc/ca/certauth.conf