A.5 4. Update the Configuration for the DCAS Server

Additional configuration is needed to update the DCAS configuration file and DCAS start procedure. The values must match those used with your deployment. 

The DCAS configuration file (/etc/dcas.conf) contains the following keywords:

TCPIP tcpstackname

; Server will have affinity to TCP/IP stackname

IPADDR xx.xx.xx.xx

; IP address to which DCAS binds for TLS connection (defaults to inaddr_any)

PORT xxxx

; DCAS listens on this port number (default is 8990)

KEYRING /etc/ssl/xxx.kdb

; HFS file name of Keyring for TLS/SSL negotiation

STASHFILE /etc/TLS/xx.sth

; Stash file containing the Password of Key ring file

SAFKEYRING SERVERKeyring

; Key ring via RACF

CLIENTAUTH xxxxxx

; Client Authentication level, used with parameters:

; LOCAL1 (TLS does authentication)

; LOCAL2 (default - use RACF to validate the client's certificate)

LDAPSERVER xx.xx.xx.xx

; Fully qualified name or IP address of LDAP Server

LDAPPORT xxxx

; Port# that LDAP Server is listening on

V3CIPHER cipherspec

; Specify a subset of the supported TLS V3 cipher algorithms. The following cipher levels are valid:

  • ; 01=NULL MD5
  • ; 02=NULL SHA
  • ; 03=RC4 MD5 Export
  • ; 04=RC4 MD5 US
  • ; 05=RC4 SHA US
  • ; 06=RC2 MD5 Export
  • ; 09=DES SHA
  • ; 0A=Triple DES SHA US