PowerExchange for CDC and Mainframe
- PowerExchange for CDC and Mainframe 10.4.1
- All Products
## ## AT-TLS Policy Agent Configuration file for: ## Image: MHZ2 ## Stack: TCPIP ## This is a sample AT_TLS Policy Agent Configuration file for Power Exchange, based ## on a subset of a file originally created by the IBM z/OS Network Security ## Configuration Assistant application. ## ## It defines a listener (jobname PWXSSL85) which acts as SSL server ## (Direction=inbound) and a second listener (PWXSSLMX) which acts as SSL server only ## when connected via its port 18501. ## ## TLSRule 0-1 defines listener with jobname PWXSSL85 which as as SSL server for all ## connections (connection direction is inbound - from client to listener). ## - IpAddrSet addr1 specifies that the rule applies to any IP address and port. ## - Group Action gAct1 specifies that SSL is to be enabled for this connection. ## - Environment Action eAct1 specifies that the listener acts as SSL server, with ## keyring defined by the keyR-MHZ2 TTLSkeyRingPArms statement. ## - Connection Action cAct1 specifies that encryption parameters defined by ## TTLSCipherParms statement cipher1~AT-TLS__Silver, and that the listener is to act ## as SSL server (without client certificates). ## ## TLSRule 0-5 defines a similar listener with jobname PWXSSLMX which has more than one ## listener port. It is to use SSL only if communicating via its port 18501 (portrange ## statement portR1. ## ## TTLSCipherParms cipher1~AT-TLS__Silver shows a list on Cipher Suites which can be used ## for the connections. ## TTLSRule 0~1 { LocalAddrSetRef addr1 RemoteAddrSetRef addr1 Jobname PWXSSL85 Direction Inbound Priority 255 TTLSGroupActionRef gAct1 TTLSEnvironmentActionRef eAct1 TTLSConnectionActionRef cAct1 } TTLSRule 0~5~ { LocalAddrSetRef addr1 RemoteAddrSetRef addr1 LocalPortRangeRef portR1 Jobname PWXSSLMX Direction Inbound Priority 251 TTLSGroupActionRef gAct1 TTLSEnvironmentActionRef eAct1 TTLSConnectionActionRef cAct1 } TTLSGroupAction gAct1 { TTLSEnabled On Trace 7 } TTLSEnvironmentAction eAct1 { HandshakeRole Server EnvironmentUserInstance 0 TTLSKeyringParmsRef keyR~MHZ2 } TTLSEnvironmentAction eAct2 { HandshakeRole Client EnvironmentUserInstance 0 TTLSKeyringParmsRef keyR~MHZ2 } TTLSConnectionAction cAct1 { HandshakeRole Server TTLSCipherParmsRef cipher1~AT-TLS__Silver Trace 7 } TTLSConnectionAction cAct2 { HandshakeRole Client TTLSCipherParmsRef cipher1~AT-TLS__Silver Trace 7 } TTLSKeyringParms keyR~MHZ2 { Keyring ATTLS_keyring } TTLSCipherParms cipher1~AT-TLS__Silver { V3CipherSuites TLS_RSA_WITH_DES_CBC_SHA V3CipherSuites TLS_RSA_WITH_3DES_EDE_CBC_SHA } IpAddrSet addr1 { Prefix 0.0.0.0/0 } PortRange portR1 { Port 18501 }