Conversion steps for MOI and MSS to use TLS 1.2 level security
Article ID: 224380
Updated On:
Products
CA Mainframe Operational Intelligence
Issue/Introduction
Mainframe Operational Intelligence (MOI) 2.0.06 and Message Service Server (MSS) currently use TLS 1.0 for security between the products. Some customers are requiring TLS 1.2. The resolution in this Knowledge Document provides the steps needed for both MSS and MOI to change the TLS version to 1.2.
Environment
Release : 2.0
Component : MF OPERATIONAL INTELLIGENCE
Service pack: 2.0.0*
Resolution
NOTE: If you are not sharing the ZMSENVT2 member parms across a SYSPLEX, you will need to perform Steps 1 through 3 for each MSS that you have installed before completing Steps 4 and 5.
To change your TLS 1.0 level to TLS 1.2, you will first need to configure the Message Service Server environment variables.
1) Edit the ZMSENVT2 member in the <your deployment HLQ>.CAW0OPTV dataset
2) Insert this line:
IJO="$IJO -Dcom.ibm.jsse2.
The line should be inserted above the line that states:
export IBM_JAVA_OPTIONS="$IJO "
3) Stop and start the Message Service server started task
For example:
/p ZMSSTART
/s ZMSSTART
4) You will now need to make changes on the MOI appliance. File transfer the runscript_1632315435095.sh attached to this Knowledge Doc to the MOI appliance linux machine.
5) Then follow these steps:
chmod +x runscript.sh
./runscript.sh
Attachments
Feedback
Yes
No
Powered by
