Creating SSL members

When you create or edit a target definition, you can specify the SSL member that you want the target definition to use. During target creation, you can also create a new SSL member. Alternatively, you can create an SSL member at any time by using a global line command, as explained in the following procedure.

From any MainView for Java Environments view, type ADDSEC on the COMMAND line.

The Create Security Member Dialog is displayed.

                         Create Security Member Dialog 
  COMMAND ===>                                              SCROLL ===> PAGE  
                                                                     MORE: +  
  Security Information                                                        
                                                                              
  Description     JMX Security Definition                                     
                                                                              
  Member Suffix   NO   Suffix                                                 
  SSL Enabled     N    SSL to remote JVM                                      
  Password Auth   N    Password Check                                         
  Client Auth     N    Client must Auth                                       
  SSL Debug       N    SSL Debug Info                                         
                                                                              
  Keystore                                                                    
                                                                              
  Key Password                                                                
  Key Type                                                                    
                                                                              
  Truststore                                                                  
                                                                              
  Trust Password                                                              
  Trust Type

Complete the fields as described in the following table:

Field	Default value	Description
Description=description	No default	Description of the SSL member
Member Suffix=xx	xx	Suffix for the new SSL member Define a two-character number or alphanumeric suffix.
SSL Enabled=[YES \| NO]	N	Whether the target JVM requires SSL security for the connection
Password Auth=[YES \| NO]	N	Whether to enable password checking at the client
Client Auth=[YES \| NO]	N	Whether the target JVM requires SSL client authentication
SSL Debug=[YES \| NO]	N	Whether to create debug information on connection communications
Keystore=keystorePath	No default	USS path to a keystore for SSL handshaking When the target JVM requires SSL security (SSL Enabled=YES), the implementation of SSL security is either Java SSL (JSSE) or RACF SSL. Valid values are as follows: Java SSL (JSSE) – the file path of the keystore RACF SSL – the name of the RACF keyring
Key Password=keystorePassword	No default	Password for the specified keystore
Key Type=keystoreType	No default	Type of keystore Valid values are: Java SSL (JSSE) – JKS RACF SSL – JCERACFKS
Truststore=truststorePath	No default	USS path to a truststore for SSL handshaking When the target JVM requires SSL security (SSL Enabled=YES), the implementation of SSL security is either Java SSL or RACF SSL. Valid values are as follows: Java SSL (JSSE) – the file path of the truststore RACF SSL – the name of the RACF keyring
Trust Password=truststorePassword	No default	Password for the specified truststore
Trust Type=truststoreType	No default	Type of truststore Valid values are: Java SSL (JSSE) – JKS RACF SSL – JCERACFKS

On the COMMAND line, enter SAVE.

Related topic

Using

Creating SSL members

Comments