The documentation portal is undergoing maintenance. During this period, you can't create any new user credentials. If you do, you'll need to recreate the user credential after the maintenance period ends.
The PowerExchange SSL architecture includes the following components:
PowerExchange SSL configured on Linux, UNIX, or Windows machines, which make outbound client secure connections
PowerExchange SSL configured on Linux, UNIX, Windows, and IBM i machines where listeners accept inbound secure connections
AT-TLS installed and configured on
z/OS
for PowerExchange listeners that accept inbound secure connections
PowerExchange Listener configured on z/OS configured on z/OS without SSL
X.509 certificates installed on each Linux, UNIX, or Windows machine in OpenSSL PEM format
X.509 certificates installed on IBM i and z/OS in GSK format
If remote peer certificate validation is performed, then the Certificate Authority that issued the remote certificate must be present as a trusted CA on the local machine
The following figure illustrates the PowerExchange SSL architecture:
You can use SSL communication for some, all, or none of the connections on a PowerExchange network.
For example, you might configure connections as follows:
Configure PowerExchange Listeners to use separate ports for SSL and non-SSL connections.
Configure the PowerCenter Integration Service client to use SSL connections to PowerExchange Listeners.
Configure the PowerExchange Navigator and PowerCenter clients to use non-SSL connections to PowerExchange Listeners.