Currently running CCITCPGW to provided CCI connections between LPARS and now looking to setup SSL connections.

There is a separate started task that needs to be implemented with a secure port and certificate. Which sample is supplied to support this effort for the started task?

The started task with a secure port and certificate is known as CCISSLGW.

The sample can be found in the library: yourHLQ.CAW0PROC(CCISSLGW)


Being that it is not possible to run a single CCI task with 2 separate ports defined. the advice is to configure the CCISSLGW task to startup with the required certificates and its own port number. By default the port number is 1721.

This CCISSLGW task is started via the PROTOCOL(TCPSSLGW) statement.

With this setup, the CCITCPGW task will be using one port and be the non-secured connection and the CCISSLGW task will use a different port and be the secured connection.


The alternative is to configure the CCISSLGW task to startup with the required certificates, but set UNSECON=NONSSL.

Once this is up and running, you can shutdown CCITCPGW and all connections can be managed with this one task.

With UNSECON=NONSSL defined, a remote CAICCI not supporting TLS will connect unsecured and a remote CAICCI supporting and enabled for TLS will establish a secure connection.