ENHANCEMENT: ADD TLS SUPPORT FOR SYSLOGD AND RVS CONNECTIONS
Release : 3.1
Component : CA VM:Operator
Currently, SYSLOGD data transmission is "clear text" over unsecured socket connections; RVS data transmission is DES3 encrypted over unsecured socket connections.
CA/Broadcom provided an enhancement that provides support in VM:Operator to encrypt data and secure TCP socket connections for RVS and SYSLOGD functions using TLS via z/VM TCP/IP System Services. These TCP socket connections are secured by specifying the new TLSLABEL option on the RVS or SYSLOGD configuration record.
This enhancement is available in VM:Operator PTF SO08021.
Also, VM:Operator PTF SO08479 is a change to the implementation of the TLS support (PTF SO08021) for RVS connections. The original implementation assumed that all defined RVS nodes would use the same TLSLABEL specification (certificate). This was determined to be a potential limitation in the original implementation. Whether you need this additional support or not, you should apply this PTF because it changes the way (where) the TLSLABEL option is specified for each RVS node. The TLSLABEL option has been moved from the RVS VMOPER CONFIG file record to the NODE record in the RVSNODES file.
Additionally, this PTF addresses some potential RVS hangs during RVS initialization.