Configuring IMS Connect for SOAP Gateway

You must configure IMS Connect to allow SOAP Gateway to access IMS transactions.

Ensure that IMS Connect and IMS Open Transaction Manager Access (OTMA) are properly configured and enabled. Ensure that IMS Connect and OTMA are set up with the correct level of security.

To configure IMS Connect for SOAP Gateway:

Configure IMS Connect with user exit routine HWSSOAP1.
The HWSSOAP1 exit routine is an IMS Connect exit routine that manages the translation of message headers on input and output messages and provides a point of control to modify, route, and check security for messages from and to SOAP Gateway.

Ensure that the HWSSOAP1 exit routine is specified within the IMS Connect configuration member EXIT keyword within the TCPIP statement, as shown in the following sample code for the IMS Connect configuration member HWSCFGxx:
```
HWS=(ID=HWS8,RACF=Y,XIBAREA=20)
TCPIP=(HOSTNAME=MVSTCPIP,RACFID=RACFID,
PORTID=(9999,LOCAL),MAXSOC=2000,TIMEOUT=8800,
EXIT=(HWSSMPL1,HWSSOAP1))
ADAPTER=(XML=Y)
```
Configure IMS Connect with user exit routine HWSSMPL1.
The HWSSMPL1 exit routine internally manages SOAP Gateway ping support in IMS Connect. It is provided in the IMS.SDFSSMPL data set. Add the HWSSMPL1 exit routine to the EXIT parameter of the TCPIP statement of the HWSCFGxxx member in the IMS.PROCLIB data set. For more information about the exit routine, see in IMS 14 Exit Routines.
For NIST SP800-131a, configure IMS Connect to enable TLSv1.2 support.
1. Turn on TLS v1.2 support in the IMS Connect SSL configuration member by setting the GSK_PROTOCOL_TLSV1_2 variable to GSK_PROTOCOL_TLSV1_2_ON:
```
GSK_PROTOCOL_TLSV1_2=GSK_PROTOCOL_TLSV1_2_ON
```
2. Specify the cipher suite to enable. For example:
```
GSK_V3_CIPHER_SPECS=3C0906030201
```
  In this example, the first two characters, 3C, indicate 128-bit AES encryption with SHA-256 message authentication and RSA key exchange. For more information about cipher suite definitions for TLS v1.2, see Cipher Suite Definitions in z/OS® Cryptographic Services System SSL Programming information.
For more information about IMS Connect SSL setup and related variables, see the SSL initialization topic in IMS 14 Communications and Connections.
After changing the IMS Connect configuration member, restart IMS connect.
Optional: Configure SSL communications. You can use either z/OS Communications Server Application Transparent Transport Layer Security feature (AT-TLS) or IMS Connect to manage your SSL communications. AT-TLS is recommended because it provides greater flexibility with respect to the use of ports in addition to simplifying the IMS Connect security implementation.
- For more information about configuring z/OS AT-TLS, see z/OS: Communications Server IP Configuration Guide.
To use the XML conversion function in IMS Connect, you must configure the IMS Connect XML adapter function.