On 03/05/2014 11:53 PM, Jake anderson wrote: > Hello, > > Cross Posted on IBM MAIN and RACF-L > > Are there anyone who has set AT-TLS for zAware on Z/OS. I have been > referring a RED book on enabling at-tls but I am not able to understand the > need of importing zAware certificates to RACF. If my Understanding is > correct zAware does not have any interaction with RACF DB. Since zAware > acts as an LPAR and gets the Z/OS image information via Logstream. > > Could someone enlighten me the need of zAware certificate on RACF DB ? How > this is going to be useful for the zAware Users ? > > z/OS : 2.1 > > Jake > If zAware requires configuration for AT-TLS, that says it is using encrypted TCP/IP connections to the z/OS images, and it would be TCP/IP on those z/OS images that would be using the certificates in RACF to validate that connection, not zAware directly. Now as to whether setting up AT-TLS support for zAware is always required, of that I have no idea. Perhaps there would be cases where existing network security for the communication path might make that redundant.
-- Joel C. Ewing, Bentonville, AR [email protected] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
