The Zowe Command Level Interface running on the work station allows you to issue REST requests to the back end, and capture the output.

There is a Zowe plugin for VSCode IDE which allows you to z/OS files, etc from within VSCode.

Before you can use the Zowe Command Level Interface(CLI), or the Zowe extensions to VSCode you need to install code on your work station.

Follow Zowe CLI quick start.

I executed Installing Zowe CLI core from public npm, but did not install any plugins.

Displaying help

The command zowe –help-web did not work for me on Linux (known bug – caused by browser security).

Issuing commands

My z/OS servers are TLS enabled. The Zowe documentation is for configurations without TLS enabled.

I needed to use

export NODE_EXTRA_CA_CERTS=./cert.doc.ca.ec.pem
zowe zos-files list data-set "COLIN.Z*" --host 10.1.1.2 --port 10443 ... 

Because the CA certificate is validated as part of the TLS handshake. If the CA sent from the server, does not match that in the NODE_EXTRA_CA_CERTS file, you will get a message

Response From Service: Error: self-signed certificate in certificate chain

You should specify the CA certificate location – but you could (for a test system) specify –reject-unauthorized false to override it.

Authenticating

If configured you can logon with certificate (and no password) or userid and password.

Certificate logon

If you have configured z/OSMF to use certificate logon, you map a certificate to a userid using the RACDCERT MAP command.

RACDCERT DELMAP(LABEL('IBMUSER1Label'))ID(IBMUSER) 
RACDCERT MAP ID(IBMUSER)  - 
   WITHLABEL('IBMUSER1Label') - 
   SDNFILTER('CN=colinpaice.O=cpwebuser.C=GB') 
RACDCERT LISTMAP ID(IBMUSER) 
SETROPTS RACLIST(DIGTNMAP, DIGTCRIT) REFRESH 

• You can specify the exact Distinguished Name CN=colinpaice.O=cpwebuser.C=GB You need to get the parts in the right order, and use ‘.’ between components.
• You can select parts of the DN to map to a userid.
• You can specify the CA which maps to a userid (so all userid signed by O=MYORGCA.C=GB) map to userid MYORGID.

If a certificate did not have a mapping I got

ICH408I USER(IZUSVR  ) GROUP(IZUADMIN) NAME(ZOSMF STARTED TASK O) 560   
  DIGITAL CERTIFICATE IS NOT DEFINED.  CERTIFICATE SERIAL NUMBER(02AF)  
  SUBJECT(CN=zzz.O=cporg.C=GB) ISSUER(CN=SSCA256.OU=CA.O=SSS.C=GB).                                                            

Userid and password logon

If z/OSMF is not configured for certificate logon, You specify a userid and password on the request. The format depends on the tool used. For example

httpie (https)

https GET https://10.1.1.2:10443/zosmf/restfiles/ds/IBMUSER.ABC –verify ./ca.pem –auth colin:passw0rd

cURL

curl –cacert ca.pem –basic –user colin:passw0rd https://10.1.1.2:10443

Issue a command!

+ NODE_EXTRA_CA_CERTS=./cert.doc.ca.ec.pem
+ zowe zos-files list data-set 'COLIN.Z*' --cert-file zzcolinpaice.pem --cert-key-file zzcolinpaice.key.pem --host 10.1.1.2 --port 10443

Saving the logon parameters.

Once you have managed to get a session to z/OSMF working, you can store the connection parameters in profiles.

See How to save connection parameters: zowe CLI client configuration files

To uninstall Zowe

The command

npm list -g --depth=0

Lists all of the installed packages. This gave me

/usr/lib
├── @zowe/cli@8.23.1
├── corepack@0.32.0
└── npm@11.3.0

To uninstall it I used

 npm uninstall -g @zowe/cli

The list command gave me

/usr/lib
├── corepack@0.32.0
└── npm@11.3.0