Managing encryption protocols

z/OS® Explorer allows you to specify System SSL variables GSK_PROTOCOL_* in rse.env. These variables specify whether the specified encryption protocol is enabled. RSE daemon will pass this selection on to RSE server to be used by Java™ cryptographic services. Note that at the time of publication, z/OS Explorer clients use the TLSv1.0 protocol, and all clients require changes to use another protocol.

For example:

GSK_PROTOCOL_SSLV3=OFF
GSK_PROTOCOL_TLSV1=ON

Explicitly disables the SSLv3.0 protocol, and explicitly enables the TLSv1.0 protocol. For a list of supported protocols and the matching variable names, see Cryptographic Services System SSL Programming (SC24-5901).