Question & Answer
Question
A remote SSL/TLS protected client sends it's SSL client hello to a z/OS server that is protected with ATTLS. The connection between the client and server is mapping to the attls defined rule, as seen in the EZD1281I written to syslogd, yet no SSL server hello is sent in response.
Answer
The zOS server ATTLS policy was incorrectly coded to have ApplicationControlled yes.
ApplicationControlled should only be used at the direction of the application owner as it requires specific application function calls to allow SSL flows to occur
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSSN3L","label":"z\/OS Communications Server"},"Platform":[{"code":"PF035","label":"z\/OS"}],"Component":"","Version":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Product Synonym
ZOSCS COMMSERVER
Was this topic helpful?
Document Information
Modified date:
06 June 2018
UID
dwa1451683