Topic
  • 2 replies
  • Latest Post - ‏2014-07-03T03:43:17Z by Bill Soper
10EU_Brad_Wissink
10EU_Brad_Wissink
1 Post

Pinned topic Can File Manager use RACF Policy Agent for SSL?

‏2014-07-01T21:20:17Z |

We are running File Manager V11 and have it setup for CICS Explorer.  We are just starting to work with the RACF Policy agent and the use of AT-TLS.  Can the File Manager SSL requirements be setup in a policy agent TTLSRule?   if so what would be the keyring?

  • DaveN
    DaveN
    75 Posts

    Re: Can File Manager use RACF Policy Agent for SSL?

    ‏2014-07-02T09:09:57Z  

    Hi Brad,

    Most of us monitoring the forum are experts in CICS Explorer with only an overview of File Manager.

    I'm trying to get a contact from File Manager who can answer your question.

    Dave :-)

  • Bill Soper
    Bill Soper
    1 Post

    Re: Can File Manager use RACF Policy Agent for SSL?

    ‏2014-07-03T03:43:17Z  

    Hi,
    While I'm not a AT-TLS expert, some general information - this should be configurable in your TTLSRule -  connection is inbound on the server port and is the simplest case - SSL Protection, no client authentication. The keyring to use is up to you and specified as part of the TTLSEnvironmentAction referred to by your TTLSRule.  When using with AT-TLS, configure the FMNCAS server without SSL.
    For TLS configuration with servers you probably already have this link - but just in case;

    http://pic.dhe.ibm.com/infocenter/zos/v1r13/topic/com.ibm.zos.r13.halz002/opcfgattls.htm#opcfgattls 

    However, I'm still to confirm that the client would recognize such a connection. I'll let you know after I check this out. In our experience it is easier to turn on SSL support for the FM(later Common Component) server than configuring AT-TLS, so we don't have examples of this running.
    Bill (FM&CommonComponent Development)

    Updated on 2014-07-03T04:00:25Z at 2014-07-03T04:00:25Z by Bill Soper