Setting up encrypted communication and X.509 authentication

This section helps you with some common problems that you may encounter when setting up encrypted communication, or when checking or modifying an existing setup. It also provides a sample setup that supports users authenticating themselves with an X.509 certificate.

Secure communication means ensuring that your communication partner is who he claims to be, and transmitting information in a manner that makes it difficult for others to intercept and read the data. TLS (Transport Layer Security) provides this ability in a TCP/IP network. It works by using digital certificates to identify yourself and a public key protocol to encrypt the communication. Refer to Security Server RACF® Security Administrator's Guide (SA22-7683) for more information on digital certificates and the public key protocol.

The actions needed to set up encrypted communications for z/OS Explorer will vary from site to site, depending on the exact needs, the RSE communication method used and what’s already available at the site.

In this section we will clone the current RSE definitions, so that we have a second RSE daemon connection that uses encrypted communication. We will also create our own security certificates to be used by the different parts of the RSE connection.

Throughout this section, a uniform naming convention is used:

Some tasks described in the following sections expect you to be active in z/OS® UNIX. This can be done by issuing the TSO command OMVS. Use the exit command to return to TSO.