Security of REST service connections

Db2 supports HTTPS REST service requests by using the z/OS® Communications Server IP Application Transparent Transport Layer Security (AT-TLS) capability. The policy-driven AT-TLS support is configured in the TCP/IP stack and performs the TLS check on behalf of Db2 by invoking the z/OS system SSL feature in the TCP layer.

To support HTTPS requests, you must use a secure port for SSL connections. Make sure that the DDF TCP/IP SQL Listener service is capable of listening to a secondary secure port for inbound SSL connections. DDF verifies that all connections to Db2 through the secure port are protected by AT-TLS policies.