Now that we've gotten to clarify on the Basic Constraints thing (TL;DR: the RFCs require it; System SSL does not, prior to TLSv1.3; for LE at least, an ENVAR can override it), I have a follow-on question:
Can I set an environment variable outside of LE and have it apply to the LE enclave? Our STC starts with an assembler program that handles the PC, XMS, etc., and then eventually calls the LE program to do the actual work for the client. While it doesn't matter here, since the ENVAR is needed only for the LE part, I wondered whether we could have also set the environment variable for the entire PROC and have it work. Figured someone would know offhand; a bit of searching was inconclusive, and I can't trivially test it because the broken certificate was corrected and making someone put it back AGAIN the week before Christmas when half the office is already gone would be difficult. Plus it might save someone else hassle later to get it hashed out here, in the archives. TIA ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
