Records Settings in the z/OS Remote Node Record for OpenVMS Parameter File
The following example shows the remote node record that defines the Connect:Direct® for z/OS® node named Q1A.ZOA.V4700. The OpenVMS network map contains an adjacent (remote) node record with the exact same name.
|
When the OpenVMS node is the server, it requests that the client authenticate itself (Client Authentication = Y) and send its certificate common name (mfsscert_a) for an extra layer of authentication. The public key information for the z/OS node is stored in the Root Certificate file named mfcert_a.txt; its location is specified (disk$data:[qaitan.qla]).
The key certificate file contains the information that identifies the OpenVMS node to other nodes (disk$data:[qaitan.q1a]2048sskeycert.txt). In order for the OpenVMS system to access its private key to send information to the other node, the passphrase must be entered as well. The z/OS node validates this key certificate information against the information stored in its GSKYYMAN database.
The cipher suites are listed in the order of preference, and the first one that matches a cipher suite defined for the other node is used to establish a session.