Configuring TLS to connect with the IBM Z Workload Scheduler server

About this task

To configure the TLS connection between the IBM Z Workload Scheduler server and fault-tolerant agent perform the following steps.

Specify the following statements in the server started task:

PARM='ENVAR("_CEE_ENVFILE:DD=STDENV")'

Insert this statement at the top of the started-task JCL. It is used to export the environment variable to the Language Environment.

//STDENV DD card

Add this DD card to the server started-task JCL to point to a PDS member (for example, a member of the PARMLIB) where you specify the values for the environment variable that you need. For example, //STDENV DD DISP=SHR,DSN=TWS.SUBSYSN.PARM(ENVVAR)

In the PDS member (ENVVAR in the previous example), define the following value:
- GSK_PROTOCOL_TLSV1_2=ON
Edit the localopts file of the fault-tolerant agent to set the following parameters:
```
SSL Encryption Cipher   = TLSv1.2
ssl tls12 cipher  = HIGH
```
To make the changes effective, stop and restart the fault-tolerant agent and renew the Symphony file on the Z controller.