Preconfiguration considerations
The security mechanisms used by z/OS Debugger servers and services rely on the data sets and file systems they reside in being secure. This implies that only trusted system administrators should be able to update the program libraries and configuration files.
z/OS Debugger services use various methods to communicate with each other, which includes TCP/IP
communication with a client on another system. Contact your TCP/IP administrator to ensure the
firewall protecting your z/OS system is configured to allow this communication. Listed below are the
ports used for external communication:
- Debug Profile Service (using TCP), default port
8143
z/OS Debugger servers designed for communication with client on another system use encrypted communication by default. To simplify initial verification of the server customization work, the default configuration uses a newly generated, self-signed certificate to do the encrypted communication. However, IBM advises to switch to using a CA-signed certificate before bringing the server into production.