z/OS Security Server RACF Diagnosis Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Obtaining AT-TLS information for an RRSF connection

z/OS Security Server RACF Diagnosis Guide
GA32-0886-00

TARGET LIST displays some basic information extracted from the AT-TLS rule covering a remote connection, such as:
  • The rule name
  • The negotiated cipher
  • The client authentication level
  • If the client authentication level is SAFCHECK, the local user ID that the remote server's certificate mapped

This information can be helpful as a quick check, however, the NETSTAT command can be used to obtain all the policy information.

See Figure 1 for an example of NETSTAT command output and note that a connection identifier is shown in the CONN column. For the remote node, the connection ID shown is A3. To obtain detailed information about the AT-TLS policy covering that connection, issue the NETSTAT command specifying the connection ID:
NETSTAT TTLS CONN A3
or 
NETSTAT TTLS CONN A3 DETAIL

See z/OS Communications Server: IP System Administrator's Commands for more information about the NETSTAT command.

Parent topic: Obtaining information about RRSF connections

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014