Use the PWXUSSL utility to generate reports about SSL libraries and certificates on Linux, UNIX, and Windows. You can also determine the validity of certificates that are available to a specified user.
With the PWXUSSL utility, you can complete the following tasks:
Convert a PKCS12DER format certificate file to the PEM format for use on a Linux, Unix, or Windows machine.
Verify that a specified PowerExchange user has the authority to view security certificates for the PowerExchange Listener on Linux, Unix, and Windows, that the certificates are current and valid, and that TCP/IP packets can be sent to the PowerExchange Listener.
Run a certificate report to view information from a certificate chain file. The report can include multiple certificates in a PEM chain file.
Run a cipher report to view the cipher suites that are available in the OpenSSL cryptographic library. The report includes the hexidecimal codes that you can use to correlate OpenSSL cipher suites to the AT-TLS cipher suites on z/OS.
Run a return-code or error-code report to view codes from OpenSSL processing and to troubleshoot secure connections.
Run a configuration report to view the PowerExchange Listener and client SSL configuration and to troubleshoot any issues associated with the PowerExchange DBMOVER configuration files.
Run a version report to view the version of OpenSSL that was used to build the cryptographic library. On Linux and UNIX, the cryptographic library file is named
libpmcrypto
. On Windows, the file is named
PMLIBEAY32.DLL
. The report includes the date of the build and compiler settings.
Produce a formatted report of the z/OS AT-TLS rules.