IBM Mainframe Forum Index
Log In
IBM Mainframe Forum Index Mainframe: Search IBM Mainframe Forum: FAQ Register

CICS & IPCONN install issue with SSL and a public certif

IBM Mainframe Forums -> CICS
Post new topic   Reply to topic
View previous topic :: View next topic  
Author Message

New User

Joined: 05 May 2013
Posts: 5
Location: Israel

PostPosted: Tue May 28, 2013 1:35 pm
Reply with quote


I am try to connect two CICS with SSL.
We have a working IPCONN connection, and want to add to it the SLL using client/server certificates.

What we did was create two certificates, one for each CICS. We created the rings, defined them in the CICS, and each side exported the certificate to the other and imported. We did that before in CICS version 3.2 (we had other issues than), and we are now at version 4.2 (other side is 4.1).

So each system has its private and public keys, and the public of the other side.

We defined the TCPIPService on each system
Certificate = Local server certificate name
We defined the IPCONN on each system
Certificate = Remote server public certificate we imported
Linkauth = Secuser
Userauth = Identify
Securityname = Username running on each side.

On the CICS 4.1 system, the install of the IPCONN is fine.
On the CICS 4.2 system, the install gives and error:
DFHAM4889E Install of IPCONN ___ failed because CERTIFICATE (remote system certificate) is invalid.
DFHAM4928E Install of IPCONN ___ failed because the specified certificate deos not have a private key.

The remote system has exported their certificate as they always do. We imported it using the racf command as we did before:
RACDCERT ID (cics user) ADD(file) TRUST

I'm trying to figure out what I am doing wrong.
As far as I know, I don't need to get the private of the remote system, and the IPCONN is supposed to use the client certificate.
This is according to the guides I was able to find online and what I could figure out from the CICS to CTG example in the cics documentation.

Any help will be appreciated icon_smile.gif

Back to top
View user's profile Send private message
View previous topic :: :: View next topic  
Post new topic   Reply to topic View Bookmarks
All times are GMT + 6 Hours
Forum Index -> CICS


Similar Topics
Topic Forum Replies
No new posts Issue with CR+ catalog backup job. JCL & VSAM 16
No new posts COBOL/CICS Emulators CICS 4
No new posts How to issue a non-blocking popup CLIST & REXX 8
No new posts DFHLS2WS WSDL CICS 0
No new posts How to get RBA value from CICS EVENT CICS 5
Search our Forums:

Back to Top