SSL can be defined for local or remote IPIC connections.
Local mode
In local mode, IPIC connections
use the SSL key ring settings of either the Java™ base class or the resource adapter.
- To configure SSL for the Java base
classes:
- Create a java.util.Properties object
- Add the following properties:
- JavaGateway.SSL_KEYRING_CLASS, <keyring file location>
- JavaGateway.SSL_KEYRING_PASSWORD, <password>
- Set the properties on the JavaGateway by calling the setProtocolProperties() method,
passing the java.util.Properties object.
- Define the server name as ssl://<server_name>:<port>.
Set the server name on the ECIRequest object and not on the JavaGateway
object.
- To configure SSL connection for a resource adapter:
- Define serverName as ssl://<server_name>:<port>.
- Set the keyRingClass property to the location
of the key ring file.
- Set the keyRingPassword property to the password
of the key ring file.
Remote mode
To configure the Gateway daemon
to use SSL connections to CICS®:
- Set the key ring parameters for the Gateway daemon. For more information,
see SSL key ring configuration.
- To enable SSL on each IPIC connection, set the ssl parameter
in the IPICSERVER section of the configuration file to Y.
- If you want to limit the cipher suites that are enabled for the
connection, set the ciphersuites parameter to
a comma separated list of cipher suites to use.