SSL connection
The following statements and parameters specify the settings for the SSL communication.
Note:
- For end-to-end scheduling with fault tolerance capabilities, ensure that you also configured the SSL local options in the localopts file.
- For detailed information about how to configure TLS, see Customizing TLS to connect components with HCL Workload Automation for Z.
| Statement | Parameters | Description |
|---|---|---|
| BKPTOPTS | PEERHTSPORT | The SSL port number used by the HTTP server to listen for SSL-connections. |
| SSLAUTHMODE | The SSL authentication type. | |
| SSLAUTHSTRING | The string used to verify the certificate validity when you set SSLAUTHMODE to STRING. | |
| SSLKEYSTORE | The database containing keys and certificates. | |
| SSLKEYSTOREPSW | The file containing the key password. | |
| SSLLEVEL | The SSL authentication type. | |
| CPUREC | SSLLEVEL | The type of SSL authentication for the workstation. |
| SSLPORT | The port used to listen for incoming SSL connections. | |
| HTTPOPTS | SSLAUTHMODE | SSL authentication type. |
| SSLAUTHSTRING | SSL string used to verify the certificate validity when you set SSLAUTHMODE to STRING. | |
| SSLKEYRING | If SSLKEYRINGTYPE is SAF, this parameter specifies the SAF key ring used to connect the security certificates. If SSLKEYRINGTYPE is USS, this parameter specifies the database containing keys and certificates. | |
| SSLKEYRINGTYPE | Specifies if the key ring file is a key database USS file or a SAF key ring. | |
| SSLKEYRINGPSW | If SSLKEYRINGTYPE is USS, specifies the file containing the key password. | |
| SSLPORT | SSL port number used by the HTTP server to listen for SSL-connections. | |
| ROUTOPTS | HTTPS | The network addresses for http-connected agent workstations, typically remote engines, HCL Workload Automation for Z agents, or dynamic domain managers. Use HTTPS to define the http connections as SSL-secure connections. |
| TCPOPTS | SSLAUTHMODE | The SSL authentication type. |
| SSLAUTHSTRING | The string used to verify the certificate validity when you set SSLAUTHMODE to STRING. | |
| SSLKEYSTORE | If SSLKEYRINGTYPE is SAF, this parameter specifies the SAF key ring used to connect the security certificates. If SSLKEYRINGTYPE is USS, this parameter specifies the database containing keys and certificates. | |
| SSLKEYSTOREPSW | If SSLKEYSTORETYPE is USS, specifies the file containing the key password. | |
| SSLKEYSTORETYPE | Specifies if the key ring file is a SAF key ring or a key database USS file. | |
| SSLLEVEL | The SSL authentication type. | |
| TOPOLOGY | SSLLEVEL | Type of SSL authentication for the workstation. |
| SSLPORT | The port used to listen for incoming SSL connections on the server. |
| Components | BKPTOPTS | CPUREC | HTTPOPTS | ROUTOPTS | TCPOPTS | TOPOLOGY |
|---|---|---|---|---|---|---|
| Z controller communicating with: | ||||||
| Tracker | ✓ | |||||
| Backup controller | ✓ | |||||
| Data store | ✓ | |||||
| Z controller (z/OS remote engine) | ✓ | ✓ | ||||
| Master domain manager (distributed domain engine) | ✓ | ✓ | ||||
| Dynamic domain manager (broker) | ✓ | ✓ | ||||
| z-centric agent | ✓ | ✓ | ||||
| File proxy | ✓ | |||||
| Server communicating with: | ||||||
| Interface (ISPF, Program Interface, Dynamic Workload Console) | ✓ | |||||
| fault-tolerant agent Note: You
are also required to configure the SSL local options in the localopts file. |
✓ | ✓ | ||||