Skip to Main Content
IBM Z Hardware and Operating Systems Ideas Portal


This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Delivered
Created by Guest
Created on Nov 4, 2015

TKE SSL support

the new TKE shipped with the z13 processors included a change to the way that the TN3270 client interacts with a TN3270 server that requires a protected (encrypted) connection via TLS.

Typically a site will share a common server certificate across multiple instances of the TN3270 server running on different systems in a sysplex. The new TKE does not cater for this and would require either separate certificates for each instance of a TN3270 server or for the certificate in use to detail the IP addresses that can be used.

This would require customers to change their existing TN3270 Server environment to allow this to work.

My contention is that the TKE should have an option to allow this (commonly used) configuration to work. Installation of the certificate used to sign the TN3270 server certificate is sufficient security for environments where the TKE is in a private customer network.

Also given that the TN3270 client still supports a non-encrypted connection anyway there isn't much point in making controls around the use of an encrypted connection onerous.

Idea priority Medium
  • Guest
    Reply
    |
    Jun 24, 2022
    Delivered with z16 GA1
  • Guest
    Reply
    |
    Mar 18, 2016

    Thank you for your request. We accepted this requested and will plan to address it in a future release.

  • Guest
    Reply
    |
    Nov 6, 2015

    Due to processing by IBM, this request was reassigned to have the following updated attributes:
    Brand - Servers and Systems Software
    Product family - z Systems Hardware
    Product - z Systems Hardware
    Component - HMC/Support Element (SE)
    Operating system - Linux
    Source - None

    For recording keeping, the previous attributes were:
    Brand - Servers and Systems Software
    Product family - z Systems Hardware
    Product - z Systems Hardware
    Component - TKE Workstation
    Operating system - Linux
    Source - None

  • Guest
    Reply
    |
    Nov 5, 2015

    Creating a new RFE based on Community RFE #79339 in product z Systems Hardware.