Update the .Local Node Record

The update localnode command configures the protocol for the .Local node record. The command has the following parameters:

Command Parameter Values
update localnode protocol=Specifies a comma delimited list of Protocols to use in the .Local node record. Disable | SSL,TLS,TLS1.1,TLS 1.2

(See Display Protocols)

  SecurityMode Disable | FIPS140-2 | SP800-131A_TRANSITION | SP800-131A_STRICT | SUITE_B-128 | SUITE_B-192

(See Display SecurityModes)

  override=Identifies if values in the remote node can override values defined in the .Local node record. y | n
  AuthTimeout=Specifies the maximum time, in seconds, that the system waits to receive the IBM Connect:Direct® control blocks exchanged during the IBM Connect:Direct authentication process. 0–3600

The default is 120 seconds.

  KeyCertLabel=Identifies the label of the key certificate. keycert label | null
Note: If no keycert label is specified, the following should be noted:

Pnode sessions will fail if the remote node requires client authentication.

Snode sessions will fail.

  EncryptData=If no is specified, Encrypt Only Control Block Information; data is sent unencrypted. Default is Yes - data and control block information are encrypted. y | n
  ClientAuth = Enables client authentication in a .Client node record. y | n
  CipherSuites= Specifies the cipher suites enabled.

Note: Only certain cipher suites are supported in FIPS-mode. For a list of the FIPS-approved cipher suites, see Special Considerations in the IBM Connect:Direct for UNIX Release Notes.

comma delimited list of cipher suites | all | null

all—Enables all ciphers.

null—Clears any existing values from the node definition.

  SeaEnable=Enables certificate validation by Sterling External Authentication Server y | n
  SeaCertValDef=Character string defined in Sterling External Authentication Server (SEAS). character string | null

null—Clears any existing values from the node definition.