4. Add statements to the TTLSConfig policy file

The TCPIPT stack configuration file /etc/pagent_TTLS.conf3 has all the AT-TLS configuration statements for that stack:

#  Path: /etc/pagent_TTLS.conf3 
#  This is a sample AT-TLS configuration file  for 
#  stack TCPIPT, server CICSDEV1.
#  Server port #3042 is defined as SSL and port #3043 - as non-SSL 
# Client is to connect to a remote SSL port #6005.
####  Inbound definitions   ####                                      # 
# 
# Rule for the TLS-protected listener: matches inbound connections to local
# port 3042 on sockets owned by user ID DFHCICS, and applies the group and
# environment actions named below.
TTLSRule                  DEV1SY02    # Listener on port #3042
{
LocalPortRange           3042
Userid                   DFHCICS      # Rule applies only to this user ID's sockets
Direction                Inbound
TTLSGroupActionRef       TTLSGRP1     # Turns AT-TLS on for this rule
TTLSEnvironmentActionRef TTLSENV1     # Handshake role and key ring
}

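# Group action for the TLS-protected listener (rule DEV1SY02).
# The statement is spelled TTLSEnabled, as in TTLSGRP2 and TTLSGRP3; the
# original "TLSEnabled" is a misspelling and would not enable AT-TLS here.
TTLSGroupAction TTLSGRP1
{
TTLSEnabled On
Trace 1             # Log Errors to TCP/IP job log
}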
# Environment action for the port 3042 listener.
# NOTE(review): no TTLSEnvironmentAdvancedParms or TTLSCipherParms is given,
# so the protocol versions and cipher suites are whatever the installed z/OS
# release defaults to - confirm these meet site policy.
TTLSEnvironmentAction TTLSENV1
{
 HandshakeRole       Server          # Server authentication only; no client certificate is requested
 EnvironmentUserInstance 1
 TTLSKeyRingParms
 {
 Keyring           CICSDEV1    # Refers to RACF database
 }
}

# Port #3043 is not AT-TLS configured
# Traffic on this port is therefore not protected by AT-TLS. The rule has no
# TTLSEnvironmentActionRef, so TTLSENV2 further down is not used by it.
TTLSRule                  DEV1SY03 # Listener on port #3043
{
LocalPortRange           3043
Userid                   DFHCICS
Direction                Inbound
TTLSGroupActionRef       TTLSGRP2  # Group action with TTLSEnabled Off
}

# Group action for the non-SSL listener (rule DEV1SY03): AT-TLS is explicitly
# switched off, so connections matching that rule are left unencrypted by the stack.
TTLSGroupAction TTLSGRP2
{
TTLSEnabled Off
Trace 1             # Log Errors to TCP/IP job log
}

# NOTE(review): no TTLSRule in this listing references TTLSENV2, so as shown
# it has no effect; it would only matter if a rule pointed at it.
TTLSEnvironmentAction TTLSENV2
{
 HandshakeRole       Server
 EnvironmentUserInstance 3
 TTLSKeyRingParms
 {
 Keyring           CICSDEV1    # Refers to RACF database
 }
}
#
#### Outbound definitions   ####
#
# Rule for outbound (client) connections made by user ID DFHCICS to remote
# port 6005.
# NOTE(review): no remote address is given, so the rule matches that port on
# any destination - confirm this scope is intended.
TTLSRule                  DEV1Client     # Client
{
RemotePortRange          6005          # Remote port to connect to
Userid                   DFHCICS
Direction                Outbound
TTLSGroupActionRef       TTLSGRP3
TTLSEnvironmentActionRef TTLSENV3
}
# Group action for the outbound client rule (DEV1Client): AT-TLS is enabled.
TTLSGroupAction TTLSGRP3
{
TTLSEnabled On
Trace 1             # Log Errors to TCP/IP job log
}

# Environment action for the outbound client rule (DEV1Client).
# The key ring named here must hold the CA certificate(s) needed to validate
# the remote server's certificate, otherwise the handshake fails.
# NOTE(review): protocol versions and cipher suites are left to the release
# defaults here as well - confirm against site policy.
TTLSEnvironmentAction TTLSENV3
{
 HandshakeRole       Client
 EnvironmentUserInstance 1
 TTLSKeyRingParms
 {
 Keyring           CICSDEV1    # Refers to RACF database
 }
}