Working with SSL/TLS on z/OS

This information describes how you set up and work with Transport Layer Security (TLS) on z/OS®.

Each topic includes examples of performing each task using RACF®. You can perform similar tasks using the other external security managers.

On z/OS, you must also set the number of server subtasks that each queue manager uses for processing TLS calls, as described in Setting the SSLTASKS parameter on z/OS.

z/OS TLS support is integral to the operating system, and is known as System SSL. System SSL is part of the Cryptographic Services Base element of z/OS. The Cryptographic Services Base members are installed in the pdsname. SIEALNKE partitioned data set (PDS). When you install System SSL, ensure that you choose the appropriate options to provide the CipherSpecs that you require.