I’ll cover the instructions to install z/OS Connect, but the instructions are similar for other products. The steps are to create the minimum server configuration and gradually add more function to it.
The steps below guide you through
- planning to help you decide what you need to create, and what options you have to choose
- initial customisation and creating a server, creating defaults and creating function specific configuration files, for example a file for SAF
- starting the server
- enable logon security and add SAF definitions
- add keystores for TLS, and client authentication
- adding an API and service application
- protecting the API and service applications
- collecting monitoring data including SMF
- use the MQ sample
- using WLM to classify a service
With each step there are instructions on how to check the work has been successful.
Starting the server
Using the definitions above I started the server, using the default configuration directory, and used jobname=default.
On my z/OS system, running on zPDT on Linux, it takes about 5 minutes to start.
During start up, check that the parameter have been accepted – with the correct case.
If you get configuration errors, fix them and use the
command to get the server to pickup the changes. Note. Not all changes are picked up by the refresh command, and you have to stop and restart the server to pick up changes.
There is output in the STDOUT and possibly in STDERR, also in the /var/zosconnect/default/logs/messages.log
STDOUT will have messages like
[AUDIT] CWWKG0028A: Processing included configuration resource: /var/zosconnect/servers/default/httpEndpoint.xml
which tells you which configuration files you are using.
If you get any syntax errors you should fix them. The command f …,zcon,refresh may cause it to reread the definitions.
The second + start of server start after IPL may be faster than the first if Java has cached some of the executables.
Check for messages
Authorized service group … is available.
Which tells you that the Angel service is enabled.
Web application available (default_host): http://10.1.3.10:9080/
check this is what you expect. If the port is not valid check the httpEndoint.xml. You do not get an entry for the TLS port, because TLS is not enabled.
If you use a web browser to logon to the URL http:10.1.3.10:9081 (note:not https) you will just get a blank screen. If you look in logs/http_access.log you will see a code 302. In this case, 302 means you were trying to use an http session to a session that requires https.
If you use other URLs you may get a message saying you need to use https.
If you use z/OS explorer and use the http:…9081 above you will get “302, Found”. This means you were trying to use an http session to a session that requires https.
You have successfully created a z/OS connect server, and used it – even though you could not do much.
To stop the server use the z/OS P … command.
Most of the facilities in z/OS Connect require TLS, so you cannot do much until you have configured that.