The SSLCACHE system initialization
parameter specifies whether session IDs for SSL sessions are to be
cached locally or at sysplex level for reuse by the CICS® region. The SSL cache allows CICS to perform partial handshakes with clients
that it has previously authenticated.
- SSLCACHE={CICS|SYSPLEX}
- CICS
- The SSL environment for the CICS region
includes a local cache of session IDs for SSL sessions between CICS and clients. z/OS® System SSL manages the SSL environment.
This cache is replaced by a new cache when the PERFORM SSL REBUILD
command is issued.
- SYSPLEX
- A cache of SSL sessions is held at sysplex level for multiple CICS regions, in the coupling facility.
This cache is not affected when the PERFORM SSL REBUILD command is
issued. Sysplex caching is only allowed if multiple CICS socket-owning regions accept SSL connections
at the same IP address. You must activate the z/OS System SSL started task GSKSRVR to have
a sysplex cache.