On 1 May 2015 at 08:52, Mark Regan <[email protected]> wrote: > We are looking to implement AT-TLS at my site, but I need to find out > if any STCs are doing SSL in their own address space. Are there > commands or SMF records that can be looked at to determine this?
"Doing SSL" covers a lot of ground. Do you want to consider only calls to System SSL (the gsk_... routines)? Or an application program that includes, say, OpenSSL or another library, or even has its own code? Assuming the former, you could capture System SSL Component Trace records and see who shows up. But of course that would capture at best actual System SSL activity during your monitoring interval; it can't tell you about a job that didn't run that day. Component trace is described in the Diagnostics chapter of the System SSL Programming book, which -- I notice -- does not contain the word "SMF". Another approach might be to look at ICSF activity as a proxy for SSL use. Depending on your environment, there may be little or no other ICSF work going on. Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
