MVSFORUMS.com Forum Index MVSFORUMS.com
A Community of and for MVS Professionals
 
 FAQFAQ   SearchSearch   Quick Manuals   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

HTTP/HTTPS Callable services

 
Post new topic   Reply to topic   printer-friendly view    MVSFORUMS.com Forum Index -> Tools and Downloads
View previous topic :: View next topic  
Author Message
jim.dillon@sentry.com
Beginner


Joined: 28 Aug 2020
Posts: 9
Topics: 4

PostPosted: Fri Mar 12, 2021 10:59 am    Post subject: HTTP/HTTPS Callable services Reply with quote

I'm trying to convert REXX calls to IP sockets to HTTP/HTTPS services as documented in z/OS MVS Callable Services for HLL. Per the sample code found in SYS1.SAMPLIB(HWTHXRX1), I:
1. Call HTTP_getToolkitConstants
2. Call HTTP_init
3. Call HTTP_setupConnection
4. Call HTTP_connect

I constantly die here with the message
Code:

 "ATTLS detection OK: s=0 pol=NO_POLICY".  In the HTTP_setupConnection routine I:
- Set verbose
- set my connection handle 'https://seer.sentry.com"
- set the port to 443
- have tried setting HWTH_OPT_USE_SSL to HWTH_SSL_USE
- have tried using HWTH_OPT_SSLKEYTYPE, HWTH_OPT_SSLKEY and
HWTH_OPT_SSLCLIENTAUTHLABEL with no luck
- I created a policy specifically for this environment:
#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌

#‌                      SEER/OpsGenie Statements                   #‌

#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌

                                                                   

TTLSEnvironmentAction              SEEREnvironment                 

{                                                                 

  HandshakeRole                    ServerWithClientAuth           

  TTLSEnvironmentAdvancedParms                                     

  {                                                               

    TLSv1.2                          On                           

    ClientAuthType                   SAFCheck                     

  }                                                               

  TTLSKeyRingParms                                                 

  {                                                               

    Keyring                          NVEXEC/NETVIEW.RING           

  }                                                               

}                                                                 

                                                                   

TTLSGroupAction                    SEERAction                     

{                                                                 

  TTLSEnabled                      On                             

  Trace                            0                               

}                                                                 

-  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  - 

#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌

#‌                    SEER/OpsGenie Agent Rules                   

#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌#‌

TTLSRule                   SEERRule                               

{                                                                 

  LocalPortRange           443                                   

  Direction                Both                                   

  RemoteAddr               10.81.5.151                           

  Userid                   NVEXEC                                 

  TTLSGroupActionRef       SEERAction                             

  TTLSEnvironmentActionRef SEEREnvironment                       

}                                                                 

None of this has worked.

Does anyone have some ideas that I can try?
Back to top
View user's profile Send private message
kolusu
Site Admin
Site Admin


Joined: 26 Nov 2002
Posts: 12370
Topics: 75
Location: San Jose

PostPosted: Fri Mar 12, 2021 11:22 am    Post subject: Reply with quote

jim.dillon@sentry.com,

Did you check if the KEYRING location is correct? It points to "NVEXEC/NETVIEW.RING"

Also can you post the error messages?
_________________
Kolusu - DFSORT Development Team (IBM)
DFSORT is on the Web at:
www.ibm.com/storage/dfsort

www.linkedin.com/in/kolusu
Back to top
View user's profile Send private message Send e-mail Visit poster's website
jim.dillon@sentry.com
Beginner


Joined: 28 Aug 2020
Posts: 9
Topics: 4

PostPosted: Mon Mar 15, 2021 2:02 pm    Post subject: Reply with quote

Kolusu,
Hi. Thanks for your response. The ID I want is 'NVEXEC' and the ring I want to use is 'NETVIEW.RING'. I have coded an entry like this on the advice of a vendor and it appears to be working.
I searched the web and found an posting from New ERA Software and it mentioned some maintenance to this toolkit. This maintenance provided a new setting to specify some Cypher Suites which allowed me to make a connection. However, all settings are strictly in the code I am using and does

I am making progress! Thanks for your reply!
Back to top
View user's profile Send private message
jim.dillon@sentry.com
Beginner


Joined: 28 Aug 2020
Posts: 9
Topics: 4

PostPosted: Wed Mar 31, 2021 3:36 pm    Post subject: Reply with quote

I have figured things out. These tools as listed in chapter 21 of manual z/OS MVS Callable Services for HLL, 'The z/OS HTTP/HTTPS protocol enabler' do not interface with the TCP policy agent as I as led to believe. All access and permissions must be set up using these tools using "HWTH_OPT_USE_SSL" and others.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic   printer-friendly view    MVSFORUMS.com Forum Index -> Tools and Downloads All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


MVSFORUMS
Powered by phpBB © 2001, 2005 phpBB Group