MODIFY command: Network security services server
You can use the operator console and the MODIFY command to control the network security services (NSS) server functions.
Format:
|--+-MODIFY-+--procname,DISPLAY--+---------------+--------------| '-F------' '-'-,URLCACHE-'-' |--+-MODIFY-+--procname,REFRESH--+--------------------+---------| '-F------' +-,FILE='filename'---+ '-,FILE=//'filename'-'
Parameters:
- procname
- The member name of the cataloged procedure that is used to start the network security services daemon (NSSD).
- DISPLAY
- Displays configuration values that are currently being used by
the NSS server.
- URLCACHE
- Displays the current contents of the URL cache instead of displaying the configuration information. For each URL that has data cached, this command displays the type of data (Cert, Bundle, or CRL), the expiration date and time of the cache entry, and the URL for which data is cached.
- REFRESH
- Indicates that the NSS server configuration file should be reread
and any cached certificate URL data should be flushed.
See the Network security services server information in z/OS Communications Server: IP Configuration Reference for more information.
- FILE
- Indicates the name and location of the network security services (NSS) server configuration file that is to be read. The filename value must be a fully qualified z/OS® UNIX file name or an MVS™ data set name. You must enclose a z/OS UNIX file name in single quotation marks ('). MVS data set names must begin with two forward slashes (//) and you must enclose the data set name in single quotation marks ('). If the FILE parameter is omitted, the normal search order for locating the configuration data set or file applies. See the steps for configuring the NSS server in the z/OS Communications Server: IP Configuration Guide for information about the search order. This option is valid only when it is specified with the REFRESH parameter. If you omit this option, the NSS server rereads the configuration file with which it was started.
Examples:
The following example displays
the configuration values that are currently being used by the NSS
server.
f nssd,display
EZD1386I DISPLAY NSS CONFIGURATION
DISPLAY Network Security Server Configuration Parameters:
Port = 4159
SyslogLevel = 255 (0x00ff)
KeyRing = "nssd/keyring"
----------------------------------
Discipline IPSec = Enabled
Discipline XMLAppliance = Enabled
----------------------------------
IPSec Discipline Configuration Parameters:
FIPS140 = No
URLCacheInterval = 10080
There are 2 CertificateURL and CertificateBundleURL entries:
Type Label URL
------ -------------------------------- -------------------------
Cert Cert1 http://example.com/cert1.der
Bundle Root1 Chain MVSA Cert5 http://example.com/certbndl2.bndl
The following example displays the current URL cache information.
f nssd,display,urlcache
EZD1389I DISPLAY NSS URLCACHE:
URL Cache:
Type Expiration URL
------ ------------------- -------------------------
CRL 2010/02/04 12:48:12 HTTP://EXAMPLE.COM:80/crl.der
Cert 2010/02/04 12:50:36 HTTP://EXAMPLE.COM:80/cert2.der
2 URL Cache entries displayed.