CTF Tracing

If you are experiencing issues with establishing an SSL mainframe connection, then you can enable tracing to help debug the issues. Tracing can be enabled through the Consolidated Tracing Facility (CTF).

To enable tracing you need to add ccitrace-base and ccitcp-base elements to your CCI.INI file; for example:

[ccitcp-targets]
CCITCPT_CSIMVSSSL=,MFCONN:SSL:"C:\SSL\CSIMVS-root-cert.pem":"C:\SSL\CSIMVS-MYUSER-cert.pem"::"C:\SSL\CSIMVS-MYUSER-key.der":A1B2C3D4,MFNODE:CSIMVS,MFPORT:20201

[ccitrace-base]
force_trace_on=yes
data_trace=yes
protocol_trace=yes
internal_net_api=yes
trace_file_name=ccitrc

[ccitcp-base]
ssl_display_cipher=yes
ssl_display_cert=yes
ssl_display_cert_fail_report=yes
ssl_display_cert_connection_details=yes
ssl_display_options_on=yes
ssl_display_destination=c:\SSL\ssltrc.txt

For ssl_display_destination, you need to specify an absolute non-spacey path to a location that you have write permissions to. This defines the file and location containing the log information for your SSL usage.

Create a ctf.cfg file in a non-spacey path location containing the following:

## MFTRACE configuration file

mftrace.emitter.es#level              = 99999
mftrace.emitter.textfile#location     = c:\SSL\ctf
mftrace.emitter.textfile#Format       = $(TIME) $(THREAD) $(COMPONENT) $(EVENT) $(LEVEL) :$(DATA)

mftrace.level.mf.cci                   = info
mftrace.level                         = debug

For the mftrace.emitter.textfile#location, you need to specify a non-spacey location that you have write permissions for. This defines the folder where your CTF output is written to.

From an Enterprise Developer command prompt, set the MFTRACE_CONFIG environment variable to the location of your ctf.cfg file; for example, enter:

set MFTRACE_CONFIG=C:\SSL\ctf.ctg
Note: Do not enclose the path in quotes.

If you now open mfdasmx.exe or eclipse.exe in an Enterprise Developer command prompt, tracing is enabled. You can use the CTF trace to diagnose issues with the SSL mainframe connection.