SSL protocol parameters

To enable the SSL protocol, add the name of the SSL protocol handler to the GATEWAY section of the configuration file.

Insert this line:
    protocol@ssl.handler=com.ibm.ctg.server.SslHandler
Followed by:
    protocol@ssl.parameters=clientauth=<on>;connecttimeout=<number>;\
    dropworking;idletimeout=<number>;keyring=<file>;\
    keyringpw=<password>;keyringpwscrambled=<on|off>;\
    pingfrequency=<number>;port=<number>;requiresecurity;solinger=<number>;\
    ciphersuites=<name>;
Note that you do not need to specify the parameters that are not required for your configuration.
Entries for each protocol must be in the form shown: Entries correspond to fields in the SSL settings panel:
Table 1. SSL protocol
Entry in the configuration file Description
bind Bind address
ciphersuites Use only these ciphers
clientauth Use client authentication
connecttimeout Connection timeout
dropworking Drop working connections
idletimeout Idle timeout
pingfrequency Ping frequency interval
port Port
requiresecurity Require Java Clients to use security classes
solinger SO_LINGER setting
Note: For a description of the parameters esmkeyring, hwcrypt, keyring, keyringpw, and keyringpwscrambled, see PRODUCT section of the configuration file.

Information Information

Feedback


Timestamp icon Last updated: Tuesday, 19 November 2013


https://ut-ilnx-r4.hursley.ibm.com/tgzos_latest/help/topic/com.ibm.cics.tg.zos.doc//ctgzos/sslprot13zos.html