Configuring secure network communications for WMLz

By default, WML for z/OS uses SSL to secure network connections and authenticate users. You can further strengthen the security of your network communications by leveraging the Application Transparent Transport Layer Security (AT-TLS) capability on z/OS.

Before you begin

Review the Installation roadmap and make sure that you've completed all preceding tasks in the sequence, including the installation of WMLz.

Procedure

When you configure your WMLz, you have the option to enable the SSL support and the z/OS Spark client authentication capability by leveraging AT-TLS. See Configuring WMLz for details.

If you choose to enable AT-TLS, complete both of the following configuration tasks:
- Configuring a keyring-based keystore (JCERACFKS) for WMLz.
- Configuring AT-TLS for secure network connections with WMLz.
Important: Make sure that you use the same SSL certificate in both your RACF keystore and your AT-TLS policy.
If you choose not to enable AT-TLS, complete one of the following configuration tasks:
- Configuring a keyring-based keystore (JCERACFKS) for WMLz.