- Migration of existing functions
-
- The default setting for the ENCRYPTION system initialization parameter
has changed to STRONG. If you have no high encryption ciphers installed
(security level 3) on z/OS®, then you need to downgrade the
default setting for the ENCRYPTION system initialization parameter.
- The NORMAL setting that has been used as the default in previous
releases, has changed to MEDIUM for this release of CICS®. For
migration purposes, NORMAL is accepted as an alternative to MEDIUM.
- The SSLTCBS system initialization parameter is now obsolete and
has been replaced by MAXSSLTCBS. MAXSSLTCBS controls the maximum number
of S8 TCBs that are allowed to run concurrently in the open transaction
environment (OTE) TCB pool for SSL.
- Migration to the new function
-
- You can exploit the CIPHERS attribute to better control the encryption
negotiation process between CICS and
clients.
- You can use the CRLPROFILE and SSLCACHE system initialization
parameters to verify certificates in the SSL handshake and improve
the performance of the handshake through sharing the SSL cache across CICS regions.
[[ Contents Previous Page | Next Page Index ]]