search cancel

Configuring SSL/TLS with XCOM

book

Article ID: 216348

calendar_today

Updated On:

Products

XCOM Data Transport - z/OS XCOM Data Transport

Issue/Introduction

Testing XCOM transfers with SSL/TLS on Windows

  1. run makeca
  2. copy cassl.pem from z/OS to windows certs directory
  3. copy casslkey.pem from z/OS to windows private directory
  4. run makeclient
  5. run makeserver
  6. On XCOM for z/OS Initiate send file to xcom windows with TLS 1.2: success.

 

QUESTION:

There are multiple z/OS lpar(s) and performing send/receive transfers to/from single xcom windows.  How to manage  the makeca, makeclient and makeserver on windows to support TLS 1.2 transfer for multiple z/OS lpar(s)?

 

Environment

Release : 12.0

Component : XCOM Data Transport for z/OS

Resolution

Keeping and managing the SSL certificates at a site is the responsibility of the Security Admin for z/OS and Windows. You will need to direct that question to the site's Security/Network team.

When you create the SSL certificates using the makeca, makeclient, and makeserver provided by XCOM, you are creating sample SSL certificates. We strongly suggest that the certificates created by the make scripts be used in a test environment only. 

For production systems/environments the site may already have procedures that need to be followed including SSL certificates that they use for production. Again, please direct that question to their Security/Network team.