Verifying that SSL is enabled on the connection

Verify that SSL security is enabled on the Java™ client connection to CICS® Transaction Gateway.

Start CICS Transaction Gateway. If the SSL protocol handler starts successfully CICS Transaction Gateway generates two messages.

The first message lists the SSL ciphers that have been enabled, for example:

CTG8489I The following cipher suites are provided by JSSE:
TLS_EMPTY_RENEGOTIATION_INFO_SCSV
SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256
SSL_RSA_WITH_AES_128_CBC_SHA256
SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256
SSL_DHE_RSA_WITH_AES_128_CBC_SHA256
SSL_DHE_DSS_WITH_AES_128_CBC_SHA256
SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA
SSL_RSA_WITH_AES_128_CBC_SHA
SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA
SSL_ECDH_RSA_WITH_AES_128_CBC_SHA
SSL_DHE_RSA_WITH_AES_128_CBC_SHA
SSL_DHE_DSS_WITH_AES_128_CBC_SHA
SSL_ECDHE_ECDSA_WITH_RC4_128_SHA
SSL_ECDHE_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_RC4_128_SHA
The second message confirms that the SSL protocol handler started successfully and identifies the port that is being used. For example:
CTG6524I Successfully started handler for the ssl: protocol on port 8573
If the SSL protocol handler fails to start, CICS Transaction Gateway generates the following message:
CTG6525E Unable to start handler for the ssl: protocol, port: 8573, because: 

The message is followed by a reason, for example invalid port number and a Java exception. If an exception occurs, rectify the problem and restart CICS Transaction Gateway.


Information Information

Feedback


Timestamp icon Last updated: Tuesday, 19 November 2013


https://ut-ilnx-r4.hursley.ibm.com/tgzos_latest/help/topic/com.ibm.cics.tg.zos.doc//ctgzos/sc05_test_verif.html