On Tuesday, 11/30/2010 at 06:39 EST, "Schuh, Richard" <[email protected]> wrote:
> We have a person who is trying to get a secure end-to-end transaction between a > CMS client and a TPF host. RXSOCKET is being used by the CMS client. The port > specified is 51105, which has been designated as a secure port. He has traced > the SSLSERV and sees no traffic going through it; however, the connection to > TPF is made and it is not secure. The ASSORTEDPARMS are coded as: > > ASSORTEDPARMS > SECURELOCAL > PROXYARP > IGNOREREDIRECT > FREELOWPORTS > ENDASSORTEDPARMS > > What is the magic that will allow this to be done. None. The description of SecureLocal is somewhat deficient. It applies only to loopback connections and only to sockets managed by the Pascal/VMCF socket interface. The RxSocket/C/IUCV socket interface does not have support for SSL. Under normal circumstances, loopback connections for static SSL connections would be superfluous since the traffic never leaves the stack and the secured apps can't tell the difference. "SecureLocal" overrides that decision in case you have a stack that you want to use for testing the management and use of SSL. Alan Altmark z/VM and Linux on System z Consultant IBM System Lab Services and Training ibm.com/systems/services/labservices office: 607.429.3323 [email protected] IBM Endicott
