We are working on the secured transfer with AT-TLS set up for XCOM. We created two batch jobs having the IPPORT parameter using two different TYPE=EXECUTE and TYPE=SCHEDULE transfers.

By checking the TSO XCOM operator control (the Cipher Suite Used part under the SSL Details section). It worked with the TYPE=EXECUTE transfer.

However, the Cipher Suite Used part shows *Not Available* when using the TYPE=SCHEDULE transfer. We checked the log and saw it routes back to the default port even though we add the IPPORT parm for the encryption.

Could you advise me on how to set it up correctly when using the TYPE=SCHEDULE transfer?

Release : 12.0

XCOM for z/OS

The Cipher Suite Used part shows *Not Available" when the schedule is taking place because AT-TLS is not used when doing the schedule but does during the actual transfer.

If you configure the server's listener port to be intercepted by AT-TLS using the STCPORT=, your AT-TLS rule has to be defined for that.

But the biggest piece is for AT-TLS to convert the connection to SSL.  You don't need SECURE_SCHEDULE=YES if the configuration is right.

It sounds like you have it configured for the remote partner.  Now you need it for the server.  If you need a different port (listener) in the server for that, you should use AT-TLS_PORTS= to set up a special listener with its port defined to AT-TLS

To summarize: You have to have a rule and use the STCPORT= on the PARM and AT-TLS should intercept it because of the port specified on STCPORT. The rules allow for setting PORTs and IP ADDRESSES.