SSL connection
The following statements and parameters specify the settings for the SSL communication.
Note:
- For end-to-end scheduling with fault tolerance capabilities, ensure that you also configured the SSL local options in the localopts file.
- For detailed information about how to configure TLS, see Customizing TLS to connect components with HCL Workload Automation for Z.
Statement | Parameters | Description |
---|---|---|
BKPTOPTS | PEERHTSPORT | The SSL port number used by the HTTP server to listen for SSL-connections. |
SSLAUTHMODE | The SSL authentication type. | |
SSLAUTHSTRING | The string used to verify the certificate validity when you set SSLAUTHMODE to STRING. | |
SSLKEYSTORE | The database containing keys and certificates. | |
SSLKEYSTOREPSW | The file containing the key password. | |
SSLLEVEL | The SSL authentication type. | |
CPUREC | SSLLEVEL | The type of SSL authentication for the workstation. |
SSLPORT | The port used to listen for incoming SSL connections. | |
HTTPOPTS | SSLAUTHMODE | SSL authentication type. |
SSLAUTHSTRING | SSL string used to verify the certificate validity when you set SSLAUTHMODE to STRING. | |
SSLKEYRING | If SSLKEYRINGTYPE is SAF, this parameter specifies the SAF key ring used to connect the security certificates. If SSLKEYRINGTYPE is USS, this parameter specifies the database containing keys and certificates. | |
SSLKEYRINGTYPE | Specifies if the key ring file is a key database USS file or a SAF key ring. | |
SSLKEYRINGPSW | If SSLKEYRINGTYPE is USS, specifies the file containing the key password. | |
SSLPORT | SSL port number used by the HTTP server to listen for SSL-connections. | |
ROUTOPTS | HTTPS | The network addresses for http-connected agent workstations, typically remote engines, HCL Workload Automation for Z agents, or dynamic domain managers. Use HTTPS to define the http connections as SSL-secure connections. |
TCPOPTS | SSLAUTHMODE | The SSL authentication type. |
SSLAUTHSTRING | The string used to verify the certificate validity when you set SSLAUTHMODE to STRING. | |
SSLKEYSTORE | If SSLKEYRINGTYPE is SAF, this parameter specifies the SAF key ring used to connect the security certificates. If SSLKEYRINGTYPE is USS, this parameter specifies the database containing keys and certificates. | |
SSLKEYSTOREPSW | If SSLKEYSTORETYPE is USS, specifies the file containing the key password. | |
SSLKEYSTORETYPE | Specifies if the key ring file is a SAF key ring or a key database USS file. | |
SSLLEVEL | The SSL authentication type. | |
TOPOLOGY | SSLLEVEL | Type of SSL authentication for the workstation. |
SSLPORT | The port used to listen for incoming SSL connections on the server. |
Components | BKPTOPTS | CPUREC | HTTPOPTS | ROUTOPTS | TCPOPTS | TOPOLOGY |
---|---|---|---|---|---|---|
Z controller communicating with: | ||||||
Tracker | ✓ | |||||
Backup controller | ✓ | |||||
Data store | ✓ | |||||
Z controller (z/OS remote engine) | ✓ | ✓ | ||||
Master domain manager (distributed domain engine) | ✓ | ✓ | ||||
Dynamic domain manager (broker) | ✓ | ✓ | ||||
z-centric agent | ✓ | ✓ | ||||
File proxy | ✓ | |||||
Server communicating with: | ||||||
Interface (ISPF, Program Interface, Dynamic Workload Console) | ✓ | |||||
fault-tolerant agent Note: You
are also required to configure the SSL local options in the localopts file. |
✓ | ✓ |