SSL configuration for IPIC connections

SSL can be defined for local or remote IPIC connections.

Local mode

In local mode, IPIC connections use the SSL key ring settings of either the Java™ base class or the resource adapter.
  1. To configure SSL for the Java base classes:
    1. Create a java.util.Properties object
    2. Add the following properties:
      1. JavaGateway.SSL_KEYRING_CLASS, <keyring file location>
      2. JavaGateway.SSL_KEYRING_PASSWORD, <password>
    3. Set the properties on the JavaGateway by calling the setProtocolProperties() method, passing the java.util.Properties object.
    4. Define the server name as ssl://<server_name>:<port>. Set the server name on the ECIRequest object and not on the JavaGateway object.
  2. To configure SSL connection for a resource adapter:
    1. Define serverName as ssl://<server_name>:<port>.
    2. Set the keyRingClass property to the location of the key ring file.
    3. Set the keyRingPassword property to the password of the key ring file.

Remote mode

To configure the Gateway daemon to use SSL connections to CICS®:

  1. Set the key ring parameters for the Gateway daemon. For more information, see SSL key ring configuration.
  2. To enable SSL on each IPIC connection, set the ssl parameter in the IPICSERVER section of the configuration file to Y.
  3. If you want to limit the cipher suites that are enabled for the connection, set the ciphersuites parameter to a comma separated list of cipher suites to use.

Information Information

Feedback


Timestamp icon Last updated: Tuesday, 19 November 2013


https://ut-ilnx-r4.hursley.ibm.com/tgzos_latest/help/topic/com.ibm.cics.tg.zos.doc//ctgzos/ipicssl.html