PAGENT does not always report problems with the configuration. You might try going into USS and issuing *pasearch -t -f Our_Outbound_Application 1>a* or just *pasearch -t 1>a *
*oedit a* and search for your rule. If you have updated the configuration you need to do f pagent,update in my proc I have //PAGENT EXEC PGM=PAGENT,REGION=0K,TIME=NOLIMIT, // PARM='&EN/ -l /var/log/pagent.log -d 32' Look in the file and search for "WARNING" and OBJERR" and see if there are any errors Colin and see what definition you are actually using On Fri, 14 Oct 2022 at 07:54, ITschak Mugzach <[email protected]> wrote: > We have a CICS transaction that opens a socket (EZASOCKET) on port 9443 to > an external server. > We copied the default PAGENT configuration for AT-TLS and modified it as > below. However, TCPIP (that starts that PAGENT task claims "EZZ4249I TCPIP > INSTALLED TTLS POLICY HAS NO RULES" > > We wanted 943 to be encrypted by the CICSR userid certificate placed on > ring CICSRKEYRING. > > What is wrong with the below definitions (*and the others copied from the > sample directory)? > > > TTLSRule Our_Outbound_Application > { > Userid CICSR > RemotePortRange 9443 > Direction Outbound > TTLSGroupActionRef grp_Production > TTLSKeyRingParms > { > Keyring CICSRKEYRING > } > TTLSConnectionActionRef grp_Production > #TTLSEnvironmentActionRef Generic_Client_App > } > > > ITschak Mugzach > *|** IronSphere Platform* *|* *Information Security Continuous Monitoring > for z/OS, x/Linux & IBM I **| z/VM coming soon * > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
