TCP/IP Level 440 - Reference Information

TCP/IP for VM Secure Socket Layer (SSL) Server
Documentation Changes for APAR PQ82117

Note: Support for TCP/IP Level 440 ended on 30 Setptember, 2006.

   VMSSL Command Updates

The revised information that follows is for TCP/IP Planning and Customization. These updates are applicable once the updated SSLADMIN EXEC (provided via APAR PQ82117) has been installed.

Affected Publication:

    z/VM TCP/IP Planning and Customization

Publication Numbers:

    Level 440: SC24-6019-02
    Level 430: SC24-6019-01

Chapter:

    Configuring the SSL Server

The "SSLADMIN STOP Command" syntax diagram is updated to include a new userid operand. Relevant syntax information and descriptions for this new operand follow.

SSLADMIN STOP Command (New operands added) 

                    .--SSLSERV--.
>>--SSLadmin--STOP--+-----------+-------------------------------------><
                    '--userid---'

SSLADMIN STOP Command Operands (Additions)

userid
The user ID of the SSL server virtual machine. This operand is applied only when the SSL server Linux guest is enabled for CP SHUTDOWN signals. The default is SSLSERV.

Usage Notes

  • When possible, the CP SIGNAL SHUTDOWN command is used to shut down SSL Linux guests that have been enabled to accept signals. A signal timeout interval of 30 seconds is used if the system-defined guest signal timeout interval is less than 30; otherwise, the system-defined interval is applied.

  • When a server virtual machine ID is specified, it must match that of the SSL server that has a listen active for the SSL administrative port.

  • If no listen is active for the SSL administrative port, confirmation to stop the server via a SIGNAL SHUTDOWN command is requested.

   VMSSL Message Updates

Affected Publication:

    z/VM TCP/IP Messages and Codes

Publication Numbers:

    Level 440: GC24-6022-03
    Level 430: GC24-6022-01

Chapter:

    SSL Messages

  • New Informational and Response Messages:

    (Due to the informational nature of these messages, formal documentation will not be provided.)

    DTCSSL2450I The SSL server (userid) is not logged on

    DTCSSL2454I SSL server (userid) signaled for shutdown with interval 'nn'

    Comment: Presented after use of CP SIGNAL for shutdown

    DTCSSL2454I SSL server (userid) shutdown initiated

    Comment: Presented after use of administrative socket for shutdown

    DTCSSL2457R Continue and attempt SIGNAL SHUTDOWN of server 'userid'? Enter 0 (No) 1 (Yes)

  • New Message:

    DTCSSL2451E 'text' is not a valid user ID

    Explanation: The specified user ID value is longer than eight characters, contains other format errors, or is not recognized by the system.

    System Action: Command execution stops.

    System Programmer Response: Correct the condition and try the command again.

  • New Message:

    DTCSSL2452E User 'userid' is not authorized to issue command_text commands

    Explanation: The user ID from which this command was issued does not have sufficient CP privilege class to use commands cited in the message.

    System Action: Command execution stops.

    System Programmer Response: Issue the command from a user ID that has the necessary CP privilege class for the listed commands.

  • New Message:

    DTCSSL2453E SSL server (userid) shutdown status is: status

    DTCSSL2453I SSL server (userid) shutdown status is: status (Issued by: userid)

    Explanation: A SIGNAL SHUTDOWN command was issued to stop the server, which returned the status indicated in the message. The informational format of this message reflects the status of a previously issued SIGNAL SHUTDOWN command.

    System Action: Command execution stops (Error condition only).

    System Programmer Response: For the error format of this message, review the reported status and address the reported condition, as warranted. For more information, consult the documentation for the CP QUERY SIGNALS and CP SIGNAL commands.

  • New Message:

    DTCSSL2455E User ID 'userid1' conflicts with that of the active SSL server (userid2)

    Explanation: The SSL server user ID (userid1) specified for the command does not match that of the server ( userid2) that has an active listen posted for the SSL administrative port.

    System Action: Command execution stops.

    System Programmer Response: Ensure the correct SSL server user ID is specified when the command is issued.

  • New Message:

    DTCSSL2456W SSL server user ID (userid) cannot be confirmed

    Explanation: The user ID cited in the message does not have an active listen posted for the SSL administrative port. This condition might arise if a socket or other communication error has been encountered by the SSL server. However, it may also be that this user ID is not that of the virtual machine that provides SSL services for this system.

    Because this condition exists, a prompt is presented to confirm that a CP SIGNAL SHUTDOWN command should be attempted to stop the SSL server.

    System Action: Command execution continues.

    System Programmer Response: Verify that the indicated user ID is that of the SSL server defined for your system before you provide an affirmative response to prompt that has been presented.

  • New Message:

    DTCSSL2458E SSL server (userid) is not enabled for signals

    Explanation: An attempt to shutdown the indicated server by using a CP shutdown signal failed. This condition might result because the server implementation does not recognize or exploit these signals, or because the incorrect user ID has been signaled.

    System Action: Command execution stops.

    System Programmer Response: Review the command that was issued, as well as any additional messages associated with this error. Ensure the correct server machine has been identified, then try the command again.

    •