Updating the CICS® Transaction
Gateway configuration file (ctg.ini) for SSL.
- Edit the ctg.ini file to add the SSL handler definition protocol@ssl.handler=com.ibm.ctg.server.SslHandler
- Add the following parameters to the SSL handler parameters definition protocol@ssl.parameters:
- port
- This parameter identifies the TCP/IP port on which the protocol
handler listens for incoming client requests.
- clientauth
- This parameter determines whether or not client authentication
occurs. Valid values are on, client authentication is performed, or
off, client authentication is not performed. The default is off.
For example, if you have taken the optional step
of configuring the SSL client authentication:
protocol@ssl.parameters=port=8573;\
clientauth=on;
- Add the following parameters to the PRODUCT section:
- keyring
- This parameter specifies the name of the keyring to be used by
this protocol handler. For more information, see Key ring file
- esmkeyring
- This parameter specifies that the SSL keyring is stored in an
external security manager (ESM). For more information, see ESM key ring
For example:
SECTION PRODUCT
KEYRING=CTGKEYRING
ESMKEYRING=ON
ENDSECTION
- Save the changes.