MVSFORUMS.com :: View topic - HTTP/HTTPS Callable services

through

[^/[Print]\]

MVSFORUMS.com -> Tools and Downloads

#1: HTTP/HTTPS Callable services Author: jim.dillon@sentry.com,

Posted: Fri Mar 12, 2021 10:59 am
—
I'm trying to convert REXX calls to IP sockets to HTTP/HTTPS services as documented in z/OS MVS Callable Services for HLL. Per the sample code found in SYS1.SAMPLIB(HWTHXRX1), I:
1. Call HTTP_getToolkitConstants
2. Call HTTP_init
3. Call HTTP_setupConnection
4. Call HTTP_connect

I constantly die here with the message

Code:

"ATTLS detection OK: s=0 pol=NO_POLICY". In the HTTP_setupConnection routine I:
- Set verbose
- set my connection handle 'https://seer.sentry.com"
- set the port to 443
- have tried setting HWTH_OPT_USE_SSL to HWTH_SSL_USE
- have tried using HWTH_OPT_SSLKEYTYPE, HWTH_OPT_SSLKEY and
HWTH_OPT_SSLCLIENTAUTHLABEL with no luck
- I created a policy specifically for this environment:
#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ

#â€Œ SEER/OpsGenie Statements #â€Œ

#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ

TTLSEnvironmentAction SEEREnvironment

{

HandshakeRole ServerWithClientAuth

TTLSEnvironmentAdvancedParms

{

TLSv1.2 On

ClientAuthType SAFCheck

}

TTLSKeyRingParms

{

Keyring NVEXEC/NETVIEW.RING

}

}

TTLSGroupAction SEERAction

{

TTLSEnabled On

Trace 0

}

- - - - - - - - - - - - - - - - - - - - - -

#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ

#â€Œ SEER/OpsGenie Agent Rules

#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ#â€Œ

TTLSRule SEERRule

{

LocalPortRange 443

Direction Both

RemoteAddr 10.81.5.151

Userid NVEXEC

TTLSGroupActionRef SEERAction

TTLSEnvironmentActionRef SEEREnvironment

}

None of this has worked.

Does anyone have some ideas that I can try?

#2: Author: kolusu, Location: San Jose

Posted: Fri Mar 12, 2021 11:22 am
—
jim.dillon@sentry.com,

Did you check if the KEYRING location is correct? It points to "NVEXEC/NETVIEW.RING"

Also can you post the error messages?

#3: Author: jim.dillon@sentry.com,

Posted: Mon Mar 15, 2021 2:02 pm
—
Kolusu,
Hi. Thanks for your response. The ID I want is 'NVEXEC' and the ring I want to use is 'NETVIEW.RING'. I have coded an entry like this on the advice of a vendor and it appears to be working.
I searched the web and found an posting from New ERA Software and it mentioned some maintenance to this toolkit. This maintenance provided a new setting to specify some Cypher Suites which allowed me to make a connection. However, all settings are strictly in the code I am using and does

I am making progress! Thanks for your reply!

#4: Author: jim.dillon@sentry.com,

Posted: Wed Mar 31, 2021 3:36 pm
—
I have figured things out. These tools as listed in chapter 21 of manual z/OS MVS Callable Services for HLL, 'The z/OS HTTP/HTTPS protocol enabler' do not interface with the TCP policy agent as I as led to believe. All access and permissions must be set up using these tools using "HWTH_OPT_USE_SSL" and others.

MVSFORUMS.com -> Tools and Downloads

output generated using printer-friendly topic mod. All times are GMT - 5 Hours

Page 1 of 1