Skip to Main Content
IBM Z Software


This portal is to open public enhancement requests against IBM Z Software products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Delivered
Categories Runtime
Created by Guest
Created on Dec 22, 2023

Amendment in DFHWB0112I XMEOUT parameters/Message inserts

CICS doesn't really need an additional check (i.e. option 3) for secured SSL connection (HTTPS) while web domain initialization. Instead, this should be checked during HTTP authentication for the requests that are made using EXEC CICS WEB OPEN or EXEC CICS INVOKE SERVICE commands.

 https://www.ibm.com/docs/en/cics-ts/6.1?topic=messages-dfhwb0112i

Make sure that the defaultciphers.xml file exists in the USSCONFIG/security/ciphers directory, is readable by the CICS region userid, and contains a valid list of ciphers. If TLS 1.3 is active in the region, the defaultciphers.xml file must contain at least one TLS 1.3 cipher.

 Whereas other checks 1, 2 & 4 are valid.

1=there was a problem reading the file,

2=the file contains invalid ciphers,

3=the region does not support outbound HTTPS connections

4=the file does not contain a TLS 1.3 cipher


With the current setup, we are ending up seeing message DFHWB0112I in all our CICS regions which doesn’t have any SSL connections and it is not Ideal. Large customers like us will face the same situation as we do not want to go down the complexity to have individual featuretoggle file for each region.  

Idea priority Low
  • Guest
    Reply
    |
    Apr 12, 2024
    Support is provided in CICS TS 6.2 which has been announced and will GA June 14th 2024.

    See Announcement letter https://www.ibm.com/docs/en/announcements/AD24-0164
  • Guest
    Reply
    |
    Jan 16, 2024
    CICS Development: This is something we would like to address. The RFE is being moved into 'Planned for Future release' status.
    Please note:
    IBM's statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM's sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.
  • Guest
    Reply
    |
    Jan 12, 2024
    CICS Development: This is a candidate for a future release.