|
|
|
The CA CSM application server (MSMTC) tries to set a random file in use to track its user sessions, and if one is created, CA CSM uses it. The creation of this file is performed in the base Apache Tomcat application regardless of the platform. If this file cannot be set, the CA CSM application uses its own logic to track user sessions. In z/OS, the successful creation of the random file requires that your site has an Integrated Cryptographic Services Facility (ICSF) processor that is attached and enabled. If your site does not have the ICSF processor, CA CSM issues messages similar to the following example, and continues to initialize:
Aug 5, 2010 4:56:37 PM org.apache.catalina.session.ManagerBase setRandomFile WARNING: Failed to close randomIS.
If an ICSF processor is enabled, initialize the CSF address space completely before starting the CA CSM application server (MSMTC). If you do not initialize the CSF address space, CA CSM fails; and it fails without retrying. Perform a recycle of the MSMTC started task to recover.
If you have an ICSF processor that is attached to your LPAR, we recommend that you use your system automation software to add the CSF started task as a prerequisite to the start of the MSMTC started task.
Ensure that you only start the MSMTC started task after a successful initialization of the CSF address space. Set your system automation software to look for the following CSF initialization messages:
CSFM001I ICSF INITIALIZATION COMPLETE
This message signals that the CSF services have been started but are not available and a cipher key has not yet been loaded.
Or
CSFM400I CRYPTOGRAPHY - SERVICES ARE NOW AVAILABLE.
This message signals that ICSF services are available and a cipher key has been loaded.
Note: For more information, see the IBM z/OS Cryptographic Services PKI Services Guide and Reference (SA22-7693-12).
| Copyright © 2013 CA. All rights reserved. |
|