Specifies the name of the profile that authorizes CICS to access certificate
revocation lists that are stored in an LDAP server. For more information about
certificate revocation lists and setting up this profile, see Configuring an LDAP server for CRLs.
Specifies the cipher suites that CICS® uses for secure TCP/IP connections.
When a secure connection is established between a pair of processes, the most
secure cipher suite supported by both is used. For more information about
cipher suites, see Cipher suites.
Specifies the name of a key ring in the RACF® database that contains keys and certificates
used by CICS. It must be owned by the CICS region userid.
You can create an initial key ring with the DFH$RING exec in CICS2T1.CICS.SDFHSAMP.
Specifies the maximum number of S8 TCBs that are available to CICS to
process secure sockets layer connections. This value is a number in the range
0 through 999, and has a default value of 8. The S8 TCBs are created and managed
in the SSL pool. An S8 TCB is only used by a task for the duration of the
SSL processing. This parameter replaces the now obsolete SSLTCBS system
initialization parameter.
Specifies whether CICS should use the local SSL cache in the CICS region,
or share the cache across multiple CICS regions by using the coupling facility.
Caching across a sysplex can only take place when the regions accept SSL connections
at the same IP address.
Specifies the length of time in seconds for which CICS retains session
IDs for secure socket connections in a local CICS region. Session IDs are
tokens that represent a secure connection between a client and an SSL server.
While the session ID is retained by CICS within the SSLDELAY period, CICS
can continue to communicate with the client without the significant overhead
of an SSL handshake. The value is a number of seconds in the range 0 through
86400. The default value is 600.