Open skurnevich opened 4 months ago
Hi Squad, i know of a Zowe user waiting on this fix to move their Zowe instance to production with DB2 UMS. Thank you for looking into it!
I think the main problem is the app-server defaults override attempts to turn https off these days. But, that's from a set of conditionals, and one condition we do not have is any way for the users to tell us that they intend to use attls.
Months go we drafted a schema improvement for such a way, simply zowe.network.server.attls=true
and components.app-server.zowe.network.server.attls=true
for per-component.
https://github.com/zowe/zowe-install-packaging/pull/3446
Lets revisit this draft, get it in, and then have app-server be its first user, by having a new conditional in app-server by which if attls is set to true, then https is completely turned off.
How does it work in the HA setup when 1 LPAR has AT-TLS and another doesn't?
The Configuring Zowe Application Framework docs page describes how to configure the app framework for HTTP, but it is impossible to disable HTTPS.
Even if you delete app-server.node.https section the values will be filled from defaults. Then it seems that these functions were not updated for ATTLS: isServerHttps and getBestPort so if the app-server.node.https section exists it will be used and http setup will be ignored.