(Now with some actual data.) I just ran a RECEIVE ORDER for the first time in a while. It appears to invoke only HTTPS, but there are some message with 'FTP' in the text. E.g.
<transport>FTP</transport> <transport>FTPS</transport> I'm hoping nothing to worry about. . . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-302-7535 Office [email protected] -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Gibney, David Allen Sent: Wednesday, March 09, 2016 2:46 PM To: [email protected] Subject: (External):Re: IBM secure z/OS software delivery: Don't get locked out! AS noted in my reply a day or so ago, I am successfully submitting the RECIEVEORDER securely (at least I think I am, it fails when the certificate expires:)) But, then when it fires up FTPS to retrieve the package, the TLS (or AT-TLS) handshake fails. > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[email protected]] > On Behalf Of Kurt Quackenbush > Sent: Wednesday, March 09, 2016 2:38 PM > To: [email protected] > Subject: Re: IBM secure z/OS software delivery: Don't get locked out! > > > ... I'm only mildly concerned about > > the keyring name, as we use a totally different name associated with > > SMP/E, not with Java. That keyring works fine today. > > If you're already downloading securely, then you can continue to use > your same keyring. My example in the article was simply that, an > example, which uses the default Java truststore instead of a security manager > (RACF) keyring: > > <CLIENT > downloadmethod=”https” > downloadkeyring=”javatruststore” > javahome="/usr/lpp/java/J6.0" > > > </CLIENT> > > I call this the "Fast Path" because for someone that is not already > downloading securely, then using HTTPS with the Java truststore is the > quickest and simplest choice because you don't need to mess around > with keyrings or a security manager product at all. > > If anyone is interested, more details can be found here: > https://urldefense.proofpoint.com/v2/url?u=http- > 3A__www.ibm.com_support_knowledgecenter_SSLTBW- > 5F2.2.0_com.ibm.zos.v2r1.gim3000_dsetups.htm&d=CwIDaQ&c=C3yme8gMkx > g_ihJNXS06ZyWk4EJm8LdrrvxQb- > Je7sw&r=u9g8rUevBoyCPAdo5sWE9w&m=vkv4CpLe_hygd7rNmto_QCrcBflG_Y > A6s0g2dvojUTE&s=K3EXMlACn-O47e9WLTyXIE2I_lbl-1mZlh3MS3oFSGo&e= > > Kurt Quackenbush -- IBM, SMP/E Development ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
