Use the ciphersuites parameter
to restrict the set of cipher suites that can be used with the SSL
protocol.
ciphersuites=<name>- Description
- Specify the cipher suites that CICS® Transaction Gateway client
applications can use to connect to CICS Transaction Server for z/OS®. You
can define multiple cipher suites by separating them with a comma.
If none of the cipher suites listed are supported by the JSSE provider, CICS Transaction Gateway fails
to start. If no cipher suite is specified or the parameter is omitted,
all available cipher suites can be used.
This
parameter is in the IPICSERVER
section of the configuration file.
- Default value
- If this parameter is not specified, the default is that all available
cipher suites are available.
- Configuration Tool
- In the Configuration Tool, you can set the value of ciphersuites in
the Use only these ciphers field in the Server
connection page page. This page can be accessed by selecting
an existing server in the CICS Servers section of the CICS Transaction
Gateway pane or by creating a server definition. To create a server
definition, click or click the New Server icon.
Enter
the cipher suite name in the field, and then click Add to
add it to the list. To remove a cipher suite, select the suite in
the list and click Remove.