Configuring a secure communication between HyperSwap and the client

Edit online

Create a certificate authority (CA) for TLS and prepare the CA for export to the client for server certificate authenticity.

About this task

The Copy Services Manager server communicates through the TCP/IP protocol. This protocol is encrypted by Transport Layer Security (TLS) to a HyperSwap management-address space that you can use to manage your attached storage devices. You can manage the HyperSwap and z/OS hardened freeze functions on these devices.

Important: When you create the CA, the user ID that you use for your commands must be the same user ID that is used to run HyperSwap.

Procedure

  1. To create a CA and prepare it for export, find the sample job in wlp/usr/servers/csmServer/etc/CERTCRE8.sample and modify the parameters as necessary for your environment.
  2. Copy this job to SYS1.CLIST(CERTCRE8) and run it.
  3. Refer to z/OS documentation for setting up a keyring.
  4. Download the file that you exported in CERTCRE8, in binary, to your local file system. Then, it is available for import on the Copy Services Manager GUI for Importing a certificate for a z/OS host connection by using the GUI.