SMP/E for z/OS User's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Options that affect HTTPS operations

SMP/E for z/OS User's Guide
SA23-2277-01

The following example <CLIENT> tag tells SMP/E that files should be downloaded using the HTTPS protocol, thus enabling secure and encrypted transfers.
<CLIENT
  downloadmethod=”https”
  downloadkeyring=”javatruststore” 
  javahome="/usr/lpp/java/J6.0"
  >
  <HTTPPROXY host=”local.httpproxy.com”>
  </HTTPPROXY>
</CLIENT>
downloadmethod
Identifies the network protocol to use for downloading files from the remote server to the local z/OS. The IBM secure delivery server supports values of either https or ftp. Specify a value of https to indicate files will be downloaded using HTTPS.
downloadkeyring
Identifies the location of the certificate authority certificates required for the SSL handshake with the HTTPS server. The name for a security manager keyring, or the keyword javatruststore may be specified.

Start of changeIf you choose to manage certificate authority certificates with your z/OS security manager, you can specify a real or virtual keyring. The simplest keyring specification is to use the CERTAUTH virtual keyring, *AUTH*/*. Using the CERTAUTH virtual keyring indicates all of the trusted CA certificates defined in the security manager database are available for use during the SSL handshake. This includes the required GeoTrust Global CA certificate described in the topic Enabling certificate authority certificates.End of change

If you specify the keyword javatruststore, then all of the certificate authority certificates in the default Java truststore are available for use. A Java truststore is a Java keystore file containing the collection of trusted certificate authority certificates. The default Java truststore includes the required GeoTrust Global CA certificate, and is located relative to the Java home directory, which is specified on the javahome attribute, or on the SMPJHOME DD statement.

javahome
Start of changeSpecifies the location for the Java runtime to be used by SMP/E. SMP/E uses the capabilities of Java 6 for its HTTPS operations. Therefore, specify the location for the IBM 31-bit SDK for z/OS, Java Technology Edition Version 6 (5655-R31), or the IBM 64-bit SDK for z/OS, Java Technology Edition Version 6 (5655-R32), or a logical successor, on the javahome attribute.End of change
<HTTPPROXY>
Optional tags are available to describe local HTTP or SOCKS proxy servers. A proxy server redirects HTTP requests to the remote server on the Internet. The <HTTPPROXY> tag is used to identify a local HTTP proxy server, and the <HTTPSOCKSPROXY> tag is used to identify a local SOCKS proxy server.

The <HTTPPROXY> and <HTTPSOCKSPROXY> tags are optional, and should be specified only if HTTP requests to the Internet from your z/OS system are required to pass through a specific HTTP or SOCKS proxy server. For example, if you must specify a proxy server in your Internet browser configuration to allow you access to Web sites on the internet, then you might need to specify the <HTTPPROXY> or <HTTPSOCKSPROXY> tag in the CLIENT data set.

If you use an HTTP or SOCKS proxy server, and it requires authentication, the user and pw attributes can be used to specify the proxy server user ID and password. Also, if your HTTP or SOCKS proxy server listens on a port other than the default ports 80 and 1080, the port attribute can be used to specify an alternate port value. For example: 
 <HTTPPROXY host=”local.httpproxy.com”
           user=”userid” pw=”password” port=”8080”></HTTPPROXY>
See SMP/E for z/OS Commands for complete details of the <HTTPPROXY> and <HTTPSOCKSPROXY> tags and attributes, and consult your network administrator for help determining what, if anything, you must specify for an HTTP or SOCKS proxy server.
Parent topic: Define CLIENT input for RECEIVE and GIMGTPKG

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014