Enabling TLS for RACF Connection in IdentityIQ

Which IIQ version are you inquiring about?

IdentityIQ 8.4 P2

Share all details about your problem, including any error messages you may have received.

I’m trying to enable a TLS connection between IdentityIQ 8.4 P2 and RACF. The SailPoint documentation is quite unclear about the steps involved. Has anyone successfully set this up?

Here are the documents I’ve referred to so far:

• Enabling TLS Communication (SailPoint Documentation)

• Security Configurations for Mainframe Integration Components (SailPoint Community)

If anyone has successfully enabled TLS for RACF, could you please share the steps required on both the IdentityIQ and Mainframe sides?
Any tips or best practices would also be greatly appreciated.

Thank you in advance for your help!

Hi @sathieshg

are you stuck with any steps or any errors you are getting in the test connection with TLS configurations, or you have connector gateway logs to see if any issues are there ?

you just need to follow the steps in the documentation which you provided for TLS configuration.

Steps completed so far:

1. Added a certificate to the IIQ server and moved the certificate to the CG server.
2. Enabled TLS in the application definition.
3. The RACF/Mainframe team implemented AT-TLS and made related changes on their side.
4. Imported the certificate from IIQ to CG, and verified that the connection from IIQ to CG is successful.

Current issue:

• We are unable to establish a connection all the way to the RACF system.

Questions:

• Do we need to import any certificates from RACF into IIQ or CG?
• If so, what are the steps we should follow to export or import certificates from RACF?