Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
IRRI027I z/OS Security Server RACF Messages and Codes SA23-2291-00 |
|
IRRI027I RACF COMMUNICATION
WITH TCP NODE partner-node [SYSNAME system-name] HAS
BEEN SUCCESSFULLY ESTABLISHED USING CIPHER ALGORITHM cipher. ExplanationThis informational message indicates one or more RACF® TARGET commands were issued that caused RACF to establish this communication link with the partner node using the TCP protocol. On each node, RACF successfully exchanged information, and both agreed to allow the communication. Communication is now considered OPERATIVE ACTIVE between these two nodes. If SYSNAME information is present in this message, the partner node partner-node is a multisystem node. The cipher (encryption) algorithm cipher was negotiated between the partner nodes using settings defined in the AT-TLS policy. The cipher is being displayed in case you want to monitor (manually or with the use of automation software) connections to double check that the intended encryption was applied, and continues to be applied, by your AT-TLS policy. This information can also be displayed by the TARGET LIST command, and by the Communication Server NETSTAT command. RACF does not enforce a minimum encryption level because some installations might choose to use IPSec for their encryption, therefore, it is important that you must verify the encryption level. System programmer responseNo response is needed if you expected RACF to be communicating with RACF on the partner node by using the cipher algorithm displayed. Otherwise, you might want to issue RACF TARGET commands to remove the communication path or modify the RACF parameter library commands that you currently run during RACF subsystem initialization. You might also want to update your AT-TLS policy. After updating your AT-TLS policy, restart the connection to the remote node so that it uses the new cipher algorithm. Routing code2 Descriptor code6 |
Copyright IBM Corporation 1990, 2014
|