-conn: Create, update, or delete a connection bundle
Use the -conn command to create, update, or delete a connection bundle.
Syntax
Parameters
Use the following parameters to create, update, or delete a connection bundle for a web service or callout application.
This command changes the server master configuration. Changes take effect in the runtime configuration the next time the server starts.
- -conn
- Specifies the connection bundle task.
- -c
- Specifies that you want to create a connection bundle.
- -u
- Specifies that you want to update an existing connection bundle.
- -d
- Specifies that you want to delete an existing connection bundle. All parameters other than the connection bundle name are ignored when you specify option -d.
- -n bundle_name
- The name of the connection bundle to create or update. The correlator file uses this name to specify which connection properties to use for its associated web service. The name must be 20 characters or less and contain no spaces.
- -h host_name
- The name or IP address of the host system where IMS Connect is running.
- -p port_number
- The port number that SOAP Gateway uses when sending messages to IMS Connect. Valid port numbers are from 0 to 65535. The default is 9999.
- -d datastore_name
- The name of the target IMS Connect data store definition. The name must match the ID parameter of the data store statement that is specified in the IMS Connect configuration member of the IMS.PROCLIB data set, HWSCFGxx. This name also serves as the XCF member name for IMS during internal XCF communications between IMS Connect and IMS OTMA. The name must be in all uppercase characters, and must be eight characters or less.
- -f saf_user_ID
- The default security authorization facility (SAF) user name or Resource Access Control Facility (RACF®) ID that is used for connections with IMS. The user ID must be eight characters or less.
- -s saf_password
- The SAF or RACF password that is used for connections with IMS. The password must be eight characters or less.
- -g saf_group_name
- The name of the SAF group that is used for connections with IMS. The name must be eight characters or less.
- -r new_bundle_name
- Specifies a new name for the connection bundle. The name must be 20 characters or less and contain no spaces.
- -k keystore_name
- The fully qualified path name of the keystore in which client certificates or private keys are stored. A value for this parameter is required if the IMS Connect is configured to use client authentication. Do not specify this parameter if you are not using SSL authentication. Specifying this parameter for a connection bundle that is not using a fully valid HTTPS connection will result in an IOGC0004E error message when a web service that uses this connection bundle is invoked.
- -w keystore_password
- The password of the keystore in which client certificates or private keys are stored. A value for this parameter is mandatory if a keystore is specified. Do not specify this parameter if you are not using SSL authentication. Specifying this parameter for a connection bundle that is not using a fully valid HTTPS connection will result in an IOGC0004E error message when a web service that uses this connection bundle is invoked.
- -t truststore_name
- The fully qualified path name of the truststore in which trusted certificates are stored. A value for this parameter is required if IMS Connect is configured to use client or server authentication. Do not specify this parameter if you are not using SSL authentication. Specifying this parameter for a connection bundle that is not using a fully valid HTTPS connection will result in an IOGC0004E error message when a web service that uses this connection bundle is invoked.
- -o truststore_password
- The password of the truststore in which trusted certificates are stored. A value for this parameter is required if a truststore name is specified. Do not specify this parameter if you are not using SSL authentication. Specifying this parameter for a connection bundle that is not using a fully valid HTTPS connection will result in an IOGC0004E error message when a web service that uses this connection bundle is invoked.
- -e encryption_type
The encryption type used for SSL communication with IMS Connect. A value of STRONG indicates that a strong cipher suite must be used. A value of WEAK indicates that a weak cipher suite must be used, typically selected for export. A value of NONE indicates that authentication must be performed with no encryption of the messages exchanged. Strong and weak are related to the key length of the ciphers. All ciphers that can be used for export are classified as weak and all others as strong. The type of cipher suite varies depending on the JSSE provider and the version of the SSL package provided. For FIPS 140-2 and NIST SP800-131a, set the encryption type to STRONG.
In the process of establishing the SSL session, during the handshake sequence, SOAP Gateway selects the first cipher suite from the appropriate (strong or weak) list of cipher suites supported by the JSSE provider. SOAP Gateway provides this cipher suite to the server (IMS Connect) so the server can determine if it supports the cipher suite specified by the client. Subsequent cipher suites might be selected from the list as the client and server negotiate a cipher suite to be used for the session.
Do not specify this parameter if you are not using SSL authentication. Specifying this parameter for a connection bundle that is not using a fully valid HTTPS connection will result in an IOGC0004E error message.
- -i callout_tpipe_name
- The callout tpipe name. Separate multiple tpipe names with commas.
- -l callout_target_keystore_name
- The name and location of the keystore used by a callout application to authenticate with a target web service. This property is only used when calling out to a web service that uses client authentication.
- -y callout_target_keystore_password
- The keystore password used by a callout application to authenticate with a target web service. This property is required when a callout target keystore name is specified. The password length must be 6 - 20 alphanumeric characters.
- -v callout_target_truststore_name
- The name and location of the truststore used by a callout application to authenticate with a target web service. This property is only used when calling out to a web service that uses client or server authentication.
- -q callout_target_truststore_password
- The truststore password used by a callout application to authenticate with a target web service. This property is required when a callout target truststore name is specified. The password length must be 6 - 20 alphanumeric characters.
- -m callout_target_basic_auth_id
- The callout basic authentication user ID, up to 255 characters. This property is only used when calling out to a web service that uses basic authentication.
- -b callout_target_basic_auth_password
- The callout basic authentication password, up to 255 characters. This property is required when a callout basic authentication user ID is specified.
Create examples
This example command creates a web service provider connection bundle that is named MyBundle. It specifies to connect on port 9990 to the data store MYSTOR on the IMS host named MYHOST.iogmgmt -conn -c -n MyBundle -h MYHOST -p 9990 -d MYSTOR
iogmgmt -conn -c -n MyCalloutConnBundle -h ICONHOST -p 9998
-d IMSSTOR1 -i tpipe1
-m MyCalloutBasicAuthID -b MyCalloutBasicAuthPwd
iogmgmt -conn -c -n MyCalloutConnBundle -h ICONHOST -p 9998
-d IMSSTOR1 -i tpipe1
-l /path/to/MyCalloutClientKeystore.ks -y MyCalloutclientKeystorePwd
-v /path/to/MyCalloutClientTruststore.ks -q MyCalloutClientTruststorePwd
Update example
This example changes the name of the connection bundle from MyBundle to YourBundle. It also specifies a default SAF user name of USER1 and SAF password defaultpass.iogmgmt -conn -u -n MyBundle -r YourBundle -f USER1 -s defaultpass
Delete example
This example deletes the connection bundle that is named YourBundle.iogmgmt -conn -d -n YourBundle