> Well I got my SSLSERV up and started to update my PROFILE TCPIP to add a > secure port to test with, then I remembered our session manager (Macro 4 > - TUBES) intercepts port 23 for telnet and uses the port for TUBES.
They may not support it in TUBES, but the stack is doing all the work anyway, so I suspect it won't matter. SSLSERV operates before any application that uses the stack gets the data, the TCP app (ie, TUBES in this case) never knows that the SSL encryption happened -- it just sees normal TCP packet traffic post-encryption/decryption. That was the appeal of doing implicit SSL -- no application changes are necessary, and the application doesn't even know it is happening. Since most users now have programmable workstations rather than dumb terminals, most people just drop the session manager altogether and just open multiple windows on the workstation. There are good and bad arguments, but free vs whatever nonzero cost for a session manager is pretty hard to argue with. Keep in mind the limited number of SSL session that SSLSERV (even with the current patches) can support will affect this decision, so keeping Tubes might be a good idea in that it will let you limit the number of incoming TCP sessions that need encryption.