This task defines the policy rules required to implement SSL communication
in Application Performance Analyzer.
The policy rules required in: ‘SYS1.TCPPARMS(TCPOLS)'
are itemized below.
- TTLSRule APAListener
- {
- LocalPortRange 8100 8199
- JobName LI*
- Direction Inbound
- TTLSGroupActionRef APAListASecureGrpAct
- TTLSEnvironmentActionRef APAListASecureEnvAct
- }
- TTLSGroupAction APAListASecureGrpAct
- {
- GroupUserInstance 1
- TTLSEnabled On
- Trace 3
- }
- TTLSEnvironmentAction APAListASecureEnvAct
- {
- EnvironmentUserInstance 1
- HandShakeRole Server
- TTLSKeyRingParms
- {
- Keyring APAListAKeyRing
- }
- }
Where
- Statement #1: TTLSRule defines the AT-TLS rule paragraph. In this
example, the rule paragraph is named APAListener. Select
a paragraph name appropriate for your installation.
- Statement #3: LocalPortRange specifies a local port or range of
ports, for the inbound connections that this rule will act on. In
this example all clients connecting using ports 8100 to 8199 inclusive
will be affected by this rule and will communicate using SSL. Select
a port range appropriate for your installation.
- Statement #4: JobName specifies the name or name prefix of the Application Performance Analyzer Listener
started task or tasks that this rule will act on. They are the rule
owners. In this example, LI* is the prefix for the Application Performance Analyzer Listener
started task. Select a job name appropriate for your installation.
- Statement #5: Direction specifies the direction the connection
must be initiated from. The direction of the Application Performance Analyzer connection
must be ‘Inbound', indicating it is initiated by the client.
- Statement #6: TTLSGroupActionRef specifies the name of paragraph
that will define the TTLS group actions for this rule. In this example,
the paragraph is named APAListASecureGrpAct. Select a paragraph
name appropriate for your installation.
- Statement #7: TTLSEnvironmentActionRef specifies the name of the
paragraph that will define the TTLS environment actions for this rule.
In this example, the paragraph is named APAListASecureEnvAct.
Select a paragraph name appropriate for your installation.
- Statement #9: TTLSGroupAction defines the group action paragraph
for the rule. This must specify the paragraph name used in Statement
#6.
- Statement #11: GroupUserInstance specifies an instance identifier
for this GroupAction paragraph. The value must be incremented each
time you change this paragraph and wish to refresh the rule using
the REFRESH MODIFY command for the PAGENT started task.
- Statement #12: TTLSEnabled specifies whether AT-TLS is active.
To enable SSL communication in Application Performance Analyzer this value must be ‘On'.
- Statement #13: Trace specifies the level of AT-TLS tracing to
be used for the generated AT-TLS policy. Select a trace level appropriate
for your installation.
- Statement #15: TTLSEnvironmentAction defines the environment action
paragraph for this rule. This must specify the paragraph name used
in Statement #7.
- Statement #17: EnvironmentUserInstance specifies an instance identifier
for this EnvironmentAction paragraph. The value must be incremented
each time you change this paragraph and wish to refresh the rule using
the REFRESH MODIFY command for the PAGENT started task.
- Statement #18: HandShakeRole specifies whether the client or server
performs the SSL handshake. In Application Performance Analyzer the value must be ‘Server',
indicating the server always performs the SSL handshake.
- Statement #19: TTLSKeyRingParms specifies an inline paragraph
for key ring parameters. This is a required parameter.
- Statement #21: KeyRing specifies the name of the key ring used
to store the digital certificates. This must match the name of the
key ring created for Application Performance Analyzer. Refer to the later section Create the Key Ring for more information.
[ Top of Page | Previous Page | Next Page | Contents | Index ]