You have to update the file /etc/pagent.ttls.conf to explicitly deactivate
SSL, (specify SSLV3 Off). Also TLS 1 and 1.1 are on by default and you
have to also specify 1.2 explicitly if you dont want the lower levels.
Also clients generally default to using SSL, for example Microsoft has
several different Windows registry settings that must be done to force TLS
1.2. Not as clean as on z/OS, esp. for older Windows versions.
on z/OS, /etc/pagent.ttls.conf :
*TTLSEnvironmentAdvancedParms { ## TLSV1.2 only for z/OS 2.1 and higher #
TLSV1.2 On # TLSv1 & TLSv1.1 are on by default SSLV3 Off # disable SSLv3 }
}*
On Thu, Dec 23, 2021 at 5:00 AM Lizette Koehler <stars...@mindspring.com>
wrote:
> I have an appl that needs to be TLSV1.2
>
>
>
> I updated PAGENT for this IP:PORT to only use TLS 1.2 and did a refresh
>
>
>
> I am being told that despite that it is using SSLV3
>
>
>
> How can I validate if the IP:PORT is using SSLV3 or TLS V1.2
>
>
>
> Lizette
>
>
>
>
> ----------------------------------------------------------------------
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
