Feature toggles
Feature toggles make it easier for you to make the configuration changes that are necessary to enable new capabilities, particularly for capabilities that are delivered between releases of CICS® TS. This page lists the feature toggles available in CICS TS 5.5.
- For an introduction to feature toggles, see CICS feature toggles and continuous delivery.
- For a summary of changes to feature toggles by release, see Changes to feature toggles.
- For configuration instructions, see Specifying feature toggles and the information that is linked for each feature toggle below.
Feature toggles for CICS Transaction Server for z/OS®
- Feature toggle
- Capability
com.ibm.cics.bms.ids={true|false}
- Allows CICS to detect if a 3270 emulator has invalidly modified a protected field generated by a BMS map.
com.ibm.cics.cmci.jvmserver={true|false}
- Allows you to set up the CMCI without the CMCI JVM server.
com.ibm.cics.container.hash={true|false}
- Allows you to revert to the ordering of returned containers that was provided before CICS TS 5.5.
com.ibm.cics.cpsm.bas.largecicsplex={true|false}
- Allows you to constrain large resource deployments lists for BAS to a single data space instead of spreading across multiple data spaces.
com.ibm.cics.cpsm.wlm.botrsupd.enabled={true|false}
- Allows you to disable updates to the Coupling Facility when the task load falls below the lower tier threshold of the CICSPlex® SM tuning parameter, BOTRSUPD.
com.ibm.cics.cpsm.wlm.surgeresist={true|false}
- When applied to CICSPlex SM WLM routing regions, this feature toggle takes effect for the QUEUE and GOAL WLM algorithms when using CICSPlex SM sysplex optimized workload routing. It has no effect when applied to target regions.
com.ibm.cics.db2.origindata={true|false}
- Enables or disables the passing of adapter origin data to Db2® for adapter tracking.
com.ibm.cics.db2.sharelocks={true|false}
- Allows you to enable the CICS Db2 share locks feature.
com.ibm.cics.ds.freeussprocesses={true|false}
- This feature toggle is intended for use only under guidance from IBM® Support. Relates to the handling of USS processes.
com.ibm.cics.http.options.handler={program_name}
- Allows you to specify the name of the HTTP Options handler program.
com.ibm.cics.rls.delete.ridfld={true|false}
- To support migration from non-RLS to RLS access mode, allows you to achieve the local VSAM CILOCK=NO behavior for RLS files. This avoids the potential of AFCG abends when you use DELETE RIDFLD on RLS files.
com.ibm.cics.spool.defaultjobuser={region|task}
- Allows you to change the default job user ID of a JOB card that is written using a SPOOLWRITE command without a USER parameter (the default is the CICS region ID) to be the signed-on user ID.
com.ibm.cics.spool.surrogate.check={true|false}
- Enables surrogate user checking for spool commands.
com.ibm.cics.tls.minimumkeystrength={1024|2048}
-
If the feature toggle value is set to 2048 CICS will use a minimum key size of 256 for ECC keys and 2048 for RSA, DSA and Diffie-Hellman keys during TLS handshakes.
CICS will use a minimum key size of 256 for ECC keys and 2048 for RSA, DSA and Diffie-Hellman keys during TLS handshakes.
The following System SSL settings will be in effect:
GSK_CLIENT_ECURVE_LIST=00250024002300300029
GSK_SERVER_ALLOWED_KEX_ECURVES=00250024002300300029
GSK_CLIENT_EPHEMERAL_DH_GROUP_SIZE=2048
GSK_SERVER_EPHEMERAL_DH_GROUP_SIZE=2048
GSK_PEER_DH_MIN_KEY_SIZE=2048
GSK_PEER_DSA_MIN_KEY_SIZE=2048
GSK_PEER_ECC_MIN_KEY_SIZE=256
GSK_PEER_RSA_MIN_KEY_SIZE=2048
If the feature toggle value is set to 1024 or is not set, then the System SSL default values will be used for the key sizes and set of elliptical curves. For more information about the SSL default values, see gsk_environment_open() in z/OS documentation.
com.ibm.cics.web.defaultcipherfile={true|false}
- Allows CICS to use a default set of ciphers from a cipher file called defaultciphers.xml, instead of the current default list of 2-digit ciphers (3538392F3233). This capability allows a greater set of ciphers to be used for outbound requests without having to create a URIMAP for each potential endpoint.
com.ibm.cics.web.hsts.max-age=seconds
- Activates and sets HTTP strict transport security (HSTS) for a CICS region. See Support for HTTP strict transport security (HSTS).
com.ibm.cics.web.hsts.includesubdomains={true|false}
- Controls whether to extend HSTS to the sub-domains of the CICS server. See Support for HTTP strict transport security (HSTS).
com.ibm.cics.web.hsts.max-age.TCPIPS={seconds|-1}
- Sets HSTS for an individual TCPIPSERVICE to override the region wide setting. See Support for HTTP strict transport security (HSTS).
com.ibm.cics.web.hsts.includesubdomains.TCPIPS={true|false}
- Controls whether to extend HSTS to the sub-domains of the specified TCPIPSERVICE. See Support for HTTP strict transport security (HSTS).