Mike, thanks for the assistance. In going through your instructions, I see that in my initial attempts at this I *DID* attempt to set things up using an SSL Pool. Here's what the output from the command you had me run says:
Directory = VMSYS:TCPMAINT.SSLPOOL_SSL Grantee R W NR NW TCPMAINT X X X X GSKADMIN X X X X MAINT X X X X SSLSERV X X X X SSL00001 X X X X SSL00002 X X X X SSL00003 X X X X SSL00004 X X X X SSL00005 X X X X I know the SSL* entries are from a previous attempt. In my own troubleshooting, I found that I can't get SSLDCSSM to start properly if I try logging on. It tries to process TCPRUN, but fails with the following: DTCRUN1005E Required tag :DCSS_Parms. was not found in file(s): SYSTEM DTCPARMS D1, IBM DTCPARMS E1 DTCRUN1099E Server not started - correct problem and retry DTCRUN1019I Server will not be logged off because you are connected I know for a fact that there's a :DCSS_Parms. entry in the DTCPARMS file. :nick.SSLDCSSM :type.server :class.ssl_dcss_agent :stack.TCPIP :for.SSLSERV :DCSS_Parms.<DEFAULT> I'm assuming that SSLDCSSM is getting started by TCPIP at some point and perhaps this is the missing piece. Dave On Wed, 2010-11-24 at 12:38 -0500, Michael Donovan wrote: > Dave, > > You stated you are receiving the following: > > -------------------------------------------------------------- > The issue continues to be the following error when TCPIP starts: > > DMSACR1184E Directory VMSYS:TCPMAINT.SSLPOOL_SSL not found or you are > not authorized for it > DTCRUN1001E "VMLINK .DIR VMSYS:TCPMAINT.SSLPOOL_SSL <. A FORCERW>" > failed with return code 2100 > -------------------------------------------------------------- > > Does that directory exist? Is your SSLSERV userid authorized for it? > You can find out by doing the following: > > 1. LOGON TCPMAINT > 2. IPL CMS > 3. DIRLIST VMSYS:. > (note both the colon and the period after VMSYS) > 4. Look for "SSLPOOL_SSL" > 5. If it exists, issue the command QUERY AUTH against the directory > If it does not exist, then CREATE DIR .SSLPOOL_SSL > 6. Ensure SSLSERV has Read/Write/NewRead/NewWrite authority to the > directory > If SSLSERV is not authorized then issue the command > GRANT AUTH VMSYS:TCPMAINT.SSLPOOL_SSL TO SSLSERV ( READ WRITE NEWREAD > NEWWRITE > > If you still have problems after all this, please open a problem > record with z/VM TCP/IP. > > Mike Donovan