IOS627E

Explanation
Connectivity cannot be established for the host
specified for the encryption key manager.  This message is issued
as a delayed response to a SETIOS EKM,PRIMARY=, SETIOS EKM,SECONDARY=,
SET IOS=xx, D IOS,EKM,VERIFY= command. It is also issued during an
encryption of a tape when the primary key manager failed to connect.
In
the message text:text1
The text1 can be either PRIMARY or SECONDARY:PRIMARY 
The primary encryption key manager cannot be connected.
SECONDARY
The secondary encryption key manager cannot be connected. 

text2
The text2 can be one of the following reasons:KEY MANAGER NOT SPECIFIED
A key manager was not specified at the time of encryption key
manager verification.
SOCKET FAILURE RETVAL=retval ERRNO=errno ERRNOJR=errnojr
Encryption key manager processing failed to open a TCP/IP connection
to the encryption key manager. retval, errno,
and errnojr are the return values from the USS
service that failed.
USS FAILURE
A failure in using USS services has prevented encryption.
OMVS SEGMENT FAILURE FOR IOSAS
The IOS address space (IOSAS) has determined that USS services
are unavailable due to lack of permissions for IOSAS.
KEY MANAGER VERIFICATION FAILURE
The key manager was not verified correctly, and it has been determined
that the connecting host was not a key manager.
COMMUNICATION TIME OUT
The key manager did not respond within a time-out value of three
minutes.

System action
The system will still attempt connections with
the primary or secondary host names in case that the error is temporary.

Operator response
If the host name is in error, issue a SETIOS
EKM command to specify a correct encryption key manager, or NONE,
to disable the in-band key management. Contact the system programmer
to verify that the encryption key manager is currently running and
TCP/IP and USS work correctly.

System programmer response
To determine the reason for the socket
failure see z/OS UNIX System Services Messages and Codes or z/OS Communications Server: IP Diagnosis Guide.
For USS
FAILURE, verify that USS is active.
For OMVS SEGMENT
FAILURE FOR IOSAS, verify that IOSAS has permissions to an OMVS
segment and that the security product is running.

Source
Input/output supervisor (IOS)

Routing code
2, 10

Descriptor code
5