My keyring definition is Keyring START1/TN3270 I do not know what the default userid is.
BTW I wrote SystemSSL (GSK) trace and TCPIP <https://colinpaice.blog/2022/10/11/gsk-trace-and-tcpip/> which you might need to track down problems once you have your configuration working. On Fri, 14 Oct 2022 at 07:54, ITschak Mugzach <imugz...@gmail.com> wrote: > We have a CICS transaction that opens a socket (EZASOCKET) on port 9443 to > an external server. > We copied the default PAGENT configuration for AT-TLS and modified it as > below. However, TCPIP (that starts that PAGENT task claims "EZZ4249I TCPIP > INSTALLED TTLS POLICY HAS NO RULES" > > We wanted 943 to be encrypted by the CICSR userid certificate placed on > ring CICSRKEYRING. > > What is wrong with the below definitions (*and the others copied from the > sample directory)? > > > TTLSRule Our_Outbound_Application > { > Userid CICSR > RemotePortRange 9443 > Direction Outbound > TTLSGroupActionRef grp_Production > TTLSKeyRingParms > { > Keyring CICSRKEYRING > } > TTLSConnectionActionRef grp_Production > #TTLSEnvironmentActionRef Generic_Client_App > } > > > ITschak Mugzach > *|** IronSphere Platform* *|* *Information Security Continuous Monitoring > for z/OS, x/Linux & IBM I **| z/VM coming soon * > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN