SMP/E for z/OS User's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Preparing for secure Internet delivery

SMP/E for z/OS User's Guide
SA23-2277-01

Start of change
z/OS product and service offerings can be downloaded directly from IBM's servers to your z/OS system. SMP/E provides capabilities to perform these download operations using the RECEIVE command and the GIMGTPKG service routine. SMP/E supports secure and encrypted download operations using FTPS (FTP over SSL/TLS) and HTTPS (HTTP over SSL). However, using either of these download methods requires preparation and one-time setup.
Note: Support for HTTP and HTTPS downloads is added to SMP/E V3.5 and V3.6 with APAR IO20858.
This topic provides an overview of using SMP/E for secure internet download operations, in particular from IBM's secure delivery servers, and the one-time steps you need to take to prepare.
  • SSL overview
  • Enable certificate authority certificates
  • Define CLIENT input for RECEIVE and GIMGTPKG

HTTPS Fast Path!

Start of changeThe quick and easy method to enable secure download operations is to instruct the SMP/E RECEIVE command and GIMGTPKG service routine to use the HTTPS download method and certificate authority (CA) certificates managed by the default z/OS Java truststore. To do so, simply specify the SMP/E <CLIENT> tag with the following attributes: 
<CLIENT
  downloadmethod=”https”
  downloadkeyring=”javatruststore”
  javahome="/usr/lpp/java/J6.0"
  >
</CLIENT>
If you want to understand the background and details of the above attributes, or if you want to explore other options such as FTPS or using CA certificates stored in your z/OS security manager database, then read on. Otherwise, you can skip the rest of this topic.End of change
End of change

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014