This IBM® Redpaper™ publication provides information about how to set up and configure DB2® for z/OS® with Transport Layer Security (TLS), the modern version of Secure Sockets Layer (SSL), using the z/OS Communications Server Application Transparent - Transport Layer Security (AT-TLS) services. This paper also covers the steps for configuring TLS/SSL support for the IBM Data Server Drivers for IBM Data Server Provider for .NET and ODBC/CLI clients as well as the JDBC and SQLJ (Type 4 connectivity) clients to access a DB2 for z/OS server.
The information provided is applicable to DB2 11 as well as DB2 10 for z/OS.
Although we use z/OS V2R1 as the reference release in this paper, the instructions are valid on releases as early as z/OS V1R11.
Throughout the paper, we reference z/OS Security Server Resource Access Control Facility (RACF®) in a variety of contexts. It should be understood that anywhere we mention RACF, it implies any System Access Facility (SAF) external security manager.
The intended audience for this paper includes network and security administrators and database administrators who want to set up and configure TLS/SSL support for DB2 for z/OS.
Table of contents
These pages are Web versions of IBM Redbooks- and Redpapers-in-progress. They are published here for those who need the information now and may contain spelling, layout and grammatical errors.
This material has not been submitted to any formal IBM test and is published AS IS. It has not been the subject of rigorous review. Your feedback is welcomed to improve the usefulness of the material to others.
IBM assumes no responsibility for its accuracy or completeness. The use of this information or the implementation of any of these techniques is a customer responsibility and depends upon the customer's ability to evaluate and integrate them into the customer's operational environment.