Securing the socket

How to secure the connection in a Cyber Vault environment using z/OS Communications Server AT-TLS.

A self-signed certification authority is created on both systems, and private key certificates are generated from these CA certificates for authentication and encryption purposes. The public key certificates are then exported and imported to the key ring of the other system. This setup ensures that only authorized parties with access to the certificates can use the socket connection as either a client or a server. Unauthorized access is prevented.

Note: Ensure AT-TLS is configured so that TCP/IP connections can be controlled using the z/OS Communications Server Policy Agent.