Topic
  • 2 replies
  • Latest Post - ‏2014-07-03T03:43:17Z by Bill Soper
10EU_Brad_Wissink
10EU_Brad_Wissink
1 Post

Pinned topic Can File Manager use RACF Policy Agent for SSL?

‏2014-07-01T21:20:17Z | at-tls fileman ssl

We are running File Manager V11 and have it setup for CICS Explorer.  We are just starting to work with the RACF Policy agent and the use of AT-TLS.  Can the File Manager SSL requirements be setup in a policy agent TTLSRule?   if so what would be the keyring?

  • DaveN
    DaveN
    89 Posts

    Re: Can File Manager use RACF Policy Agent for SSL?

    ‏2014-07-02T09:09:57Z  

    Hi Brad,

    Most of us monitoring the forum are experts in CICS Explorer with only an overview of File Manager.

    I'm trying to get a contact from File Manager who can answer your question.

    Dave :-)

  • Bill Soper
    Bill Soper
    1 Post

    Re: Can File Manager use RACF Policy Agent for SSL?

    ‏2014-07-03T03:43:17Z  

    Hi,
    While I'm not a AT-TLS expert, some general information - this should be configurable in your TTLSRule -  connection is inbound on the server port and is the simplest case - SSL Protection, no client authentication. The keyring to use is up to you and specified as part of the TTLSEnvironmentAction referred to by your TTLSRule.  When using with AT-TLS, configure the FMNCAS server without SSL.
    For TLS configuration with servers you probably already have this link - but just in case;

    http://pic.dhe.ibm.com/infocenter/zos/v1r13/topic/com.ibm.zos.r13.halz002/opcfgattls.htm#opcfgattls 

    However, I'm still to confirm that the client would recognize such a connection. I'll let you know after I check this out. In our experience it is easier to turn on SSL support for the FM(later Common Component) server than configuring AT-TLS, so we don't have examples of this running.
    Bill (FM&CommonComponent Development)

    Updated on 2014-07-03T04:00:25Z at 2014-07-03T04:00:25Z by Bill Soper