Use the PowerExchange PWXUSSL utility to generate reports about SSL libraries and certificates on Linux, UNIX, and Windows.
The PWXUSSL utility supports the following commands and reports:
CONVERT_CERT_PKCS12_PEM command. Converts certificates that were created on z/OS in PKCS12DER format to the PEM format that can be used on Linux, Unix, and Windows machines.
PING command. Verifies that a secure connection can be established between the machine from which you issue the command and a PowerExchange Listener on a remote node.
Certificate report. Reports information from a certificate chain file.
Ciphers report. Reports the cipher suites that are available in the OpenSSL cryptographic library. The ciphers report distinguishes which ciphers belong to each protocol and clarifies how IBM i and z/OS cipher names match to equivalent OpenSSL cipher names.
Codes report. Reports all available OpenSSL return codes when verification of peer certificates fails.
Configuration report. Reports information about the DBMOVER configuration file settings that are in effect when the report is run.
Error codes report. Reports error codes returned from SSL processing during an attempt to establish a secure connection between the PowerExchange Listener and client. This report can be used to help diagnose connection errors.
Version report. Reports the version of OpenSSL that was used to build the cryptographic library.
You can specify the REPORT_ZOS_ATTLS_POLICY command to generate a report of the z/OS AT-TLS rules from a copy of the AT-TLS policy file downloaded by FTP to Windows.