PTF UJ94732 for APAR OA64188 (1Q24)
PTF UJ94732 for APAR OA64188 (1Q24) sets HTTPS as the default communication protocol for Tivoli Management Services on z/OS components, introduces related parameters RTE_TEMS_TRANSPORT_MODE and KDS_TEMS_HTTPS_PORT_NUM, and also introduces related message KFJ00226W.
HTTP
in the RTEDEF(rte_name) member for
Configuration Manager or WCONFIG(rte_name) for PARMGEN. Do not refresh your
environment until after you set this parameter. For more information, see Impact to an existing runtime environment or Update runtime environment to use HTTP.New parameters
New parameter RTE_TEMS_TRANSPORT_MODE lets you specify the communication protocol for your runtime environment. Valid values are HTTPS, HTTP, and NONE. The default value is HTTPS.
New parameter KDS_TEMS_HTTPS_PORT_NUM lets you specify the HTTPS port number. The default value is 3661.
These parameters are supported by both Configuration Manager and PARMGEN.
For more information about the parameters, see RTE_TEMS_TRANSPORT_MODE and KDS_TEMS_HTTPS_PORT_NUM.
Impact to a new runtime environment
- Using Configuration Manager: On the CREATE and MIGRATE actions, Configuration Manager exposes parameter RTE_TEMS_TRANSPORT_MODE in RTEDEF(rte_name) with the default value HTTPS, but it does not expose parameter KDS_TEMS_HTTPS_PORT_NUM. To use an HTTPS port other than the default, you must manually add parameter KDS_TEMS_HTTPS_PORT_NUM and specify the HTTPS port number.
- Using PARMGEN: PARMGEN lists parameters RTE_TEMS_TRANSPORT_MODE and KDS_TEMS_HTTPS_PORT_NUM in WCONFIG(rte_name). You must manually review both settings and update per your environment setup if necessary; otherwise, the default values will be used.
Impact to an existing runtime environment
HTTP
in the RTEDEF(rte_name) member for
Configuration Manager or WCONFIG(rte_name) for PARMGEN. Do not refresh your
environment until after you set this parameter. -
Using Configuration Manager: Before you run the GENERATE action, add the new RTE_TEMS_TRANSPORT_MODE parameter to the RTEDEF(rte_name) member and specify one of the acceptable values for this parameter: HTTP, HTTPS or NONE. The default value is HTTPS. If the parameter is not specified in the RTEDEF(rte_name) member, the default value will be used. Next, add the new KDS_TEMS_HTTPS_PORT_NUM parameter to the RTEDEF(KDS$PARM) member, the RTEDEF(KDS$lpar) member, or both, and specify the HTTPS port number. The default value is 3661. If the parameter is not specified in the RTEDEF(KDS$PARM) or RTEDEF(KDS$lpar) member, the default value will be used.
If, prior to the application of the PTF, your existing runtime environment was set up to use the default HTTP protocol and specified the port with parameter KDS_TEMS_HTTP_PORT_NUM, then, when you apply the PTF and run the GENERATE action without doing any manual changes, HTTP will be disabled, the KDS_TEMS_HTTP_PORT_NUM value (HTTP:0
) will be ignored, and the default setting (HTTPS:3661
) will be enabled. To continue using HTTP, you must manually add the following line into the RTEDEF(rte_name) member:RTE_TEMS_TRANSPORT_MODE "HTTP"
If HTTP is specified for RTE_TEMS_TRANSPORT_MODE, new message KFJ00226W is issued in the Configuration Manager KCIPRINT output data set, informing you that your runtime environment is using a non-secure communication protocol.
- Using PARMGEN: After you run the PARMGEN Workflow primary option Set up/Refresh
PARMGEN work environment (option 1), the new parameters appear in
WCONFIG(rte_name). You can update the parameters as needed.
For example, to continue using the HTTP protocol, change
RTE_TEMS_TRANSPORT_MODE to
HTTP
manually before running the $PARSE job and the subsequent PARMGEN steps; otherwise, the HTTP protocol will be disabled and the HTTPS protocol will be enabled.
Avoiding potential overrides
Existing HTTP and HTTPS communication protocol configuration in the following parameters can potentially override RTE_TEMS_TRANSPORT_MODE parameter output in the KppENV members:-
For the Tivoli Enterprise Monitoring Server (product code KDS): If
HTTPS:n
orHTTP:n
is specified in KDS_X_KDE_TRANSPORT_HTTP_OPTIONS or KDS_X_KDE_TRANSPORT_GBL_OPTIONS, consider removing those settings. The configuration tool will automatically update the KDSENV member using existing and newly introduced parameters. -
For the agents: If
HTTP:0
is specified in Kpp_X_KDE_TRANSPORT_HTTP_OPTIONS or Kpp_X_KDE_TRANSPORT_GBL_OPTIONS, consider removing it from the parameter value. By specifyingRTE_TEMS_TRANSPORT_MODE "HTTPS"
,HTTP:0
will be added to all KppENV members automatically. All HTTPS-related configuration in these parameters can remain unchanged.