The purpose of this document is to complete the task of introducing Transport Layer Security to z/OS® so IBM Personal Communications (PCOMM) uses TLS security.

This document walks you through enabling Tunneled Transport Layer Security (TTLS) on your IBM z/OS for use with a PCOMM TN3270 connection. When you complete this task, you require a certificate to access your TN3270 PCOMM session.

You work with the following products and components:

• TN3270
• TCPIP
• PAGENT
• INET (maybe)
• IBM RACF®

This document assumes that the reader has extensive knowledge of z/OS security administration and these products and components.

This document is part of the Technical Enablement Series that was created at the IBM Client Experience Centers.

Overview

Prerequisites

Install and configure PAGENT

Rings, certificates, and certificate authorities

Modify TCPIP

Updating TN3270 to use the secure port

Using PCOMM TLSv1.2 to connect

Turn off the TN3270 non-TLS port

Verify TLS-Enabled PCOMM

References