Running AQTSSLDG to complete Data Gate network setup steps

Customize and run the AQTSSLDG sample job to complete several setup steps for inbound and outbound network traffic in one go.

About this task

To save time, you can customize and run the AQTSSLDG sample job. The AQTSSLDG sample job is a member of the SAQTSAMP data set, which comes with the stored procedures of the product. It can complete the following configuration steps for you all in one go:

For inbound network access:

  1. Modifying the RACF profile for use with Data Gate
  2. Creating certificates to encrypt the connection between Db2 for z/OS and Data Gate
  3. Creating a RACF key ring for use with Data Gate

For outbound network access:

  1. Creating a RACF profile with permissions for Data Gate
  2. Generating and exporting a key pair and a certificate for Data Gate
Note: After Data Gate service version 5.2.0, you might need to follow the instructions in Failed to extract certificates from the PKCS12 certificate file to convert the certificate with valid cipher in openssl 3.0.

Mind that these are not all the steps that are needed to configure inbound and outbound network access for Data Gate. Having run the modified sample job, you still need to complete the following steps:

For inbound network access:

  1. Defining a secure network port for connections to Data Gate
  2. Defining TTLS rules for connections to Data Gate

For outbound network access:

Procedure

  1. In the AQTSSLDG job, replace the placeholders with suitable values.
    Placeholders in the sample job are enclosed in exclamation marks, for example !USERNAME!. The placeholders are described in the comment text of the sample job. When in doubt, refer to the documentation of the steps covered by the sample job (follow the appropriate links in the About this task section above). These sections provide detailed information and examples.
  2. Submit the modified sample job.