Cipher support for CCI TCPIP and CCS Tomcat
search cancel

Cipher support for CCI TCPIP and CCS Tomcat

book

Article ID: 415555

calendar_today

Updated On:

Products

Common Components and Services for z/OS

Issue/Introduction

Investigating the ciphers for Common Components and Services for z/OS and need details for Product CCI TCPIP & CCS Tomcat.
  1. Does CCI TCPIP & CCS Tomcat support AT-TLS?
  2. What security ciphers are supported and enabled in the product configuration, what is the order? And how to disable weak ciphers?

Environment

Common Components and Services for z/OS 15.0 - z/OS supported releases - 

Resolution

  1. Yes, to allow AT-TLS to handle the security of the CCS Apache Tomcat region, change the region to non-secure. Having AT-TLS and CCS Apache Tomcat handle security simultaneously causes connection failures.
  2. To allow AT-TLS to handle CCI connections, use the default CCITCP PROC, which has 'UNSECON' enabled.  
    If using AT-TLS, please consult IBM for the cipher configuration.

 

Powered by Wolken Software