Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 17 IBM z/OS and IBM i : SSL Implementation on IBM z/OS

SSL Implementation on IBM z/OS
On IBM z/OS systems, secure connections are created using IBM System SSL. To implement IBM System SSL for TIBCO Enterprise Message Service, you must set the necessary environment variables, and use the API documented in the sections below.
Additionally, the EMS client application must run within the context of a user ID which has the necessary privileges to access the IBM System SSL facility. For details about these requirements, see the section on SSL requirements in the TIBCO EMS Client for z/OS (MVS) Installation and Reference.
IBM System SSL Environment Variables
There are some System SSL environment variables related to tracing and debug messages which must be specified before the EMS library is loaded. These environment variables are discussed in the IBM System Secure Sockets Layer programming guide, but a short summary is provided here:
GSK_TRACE <mask> — specify 255 to trace everything
These two values enable detailed tracing of all GSK calls to a file. The file may subsequently be formatted for viewing using the gsktrace command.
GSK_HW_CRYPTO <crypto mask>65535 to enalble all, 0 to disable all hardware cryptographic functions.
GSK_SSL_HW_DETECT_MESSAGE — if set, causes brief messages regarding the state of the installed hardware to be written to stdout when the application is started.
Call Summary
Table 16 provides a list of the API calls used to configure IBM System SSL.
 
tibemsSSL_System_GetTrace
tibemsSSL_System_GetDebugTrace
tibemsSSL_GetTrace
tibemsSSL_GetDebugTrace
tibemsSSL_System_SetTrace
tibemsSystemSSL_SetDebugTrace
tibemsSSL_SetTrace
tibemsSSL_SetDebugTrace
 

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved