Yes, it does the encryption (and more important - the negotiation) without the
z/OS application having to be aware, though the app can be if it wants to.
[snip]
Trying to summarize what I understand so far.
An SSL capable application does all the handshake and en/decryption stuff by
itself.
Yes, that's basically it as I now understand. We currently have it
configured for CICS sockets but now also want to configure it where z/OS is
the client and Websphere on windows is the SSL client. See below for SHARE
presentation.
https://share.confex.com/share/120/webprogram/Session12775.html
That should have said SSL server and not SSL client obviously.
Jim Mc.
On 3 May 2014 10:28, Jim McAlpine jim.mcalp...@gmail.com wrote:
Yes, that's basically it as I now understand. We currently have it
configured for CICS sockets but now also want to configure it where z/OS is
the client and
Yes - this is probably the classic use case for AT-TLS.
Wouldn't this only encrypt the path from ip to ip. ip would decrypt and send
plain text to WebSphere?
I understand application transparent to say that the traffic is enctrypted
on the wire (only) without the help of applications. Am I
