Introduction to Connect:Direct Secure Plus
for UNIX
The IBM®Connect:Direct® Secure Plus for UNIX application
provides enhanced security for IBM Connect:Direct
and can be optionally configured. It uses cryptography to secure data during transmission. You
select the security protocol to use with Connect:Direct Secure Plus.
Introduction to Connect:Direct Secure Plus for UNIX
The Connect:Direct Secure Plus for UNIX application provides enhanced security for IBM Connect:Direct and can be optionally configured. It uses cryptography to secure data during transmission. You select the security protocol to use with Connect:Direct Secure Plus.
Plan Your Implementation of the SSL or TLS Protocol
Set Up Connect:Direct Secure Plus
Before you can configure the node definitions that are necessary for using Connect:Direct Secure Plus, you must complete the following tasks:
Node Configuration Overview
Before you begin using Connect:Direct Secure Plus, you must configure nodes for secure operations.
Configure Certificate Authentication for Client API Connections
Automate Setup with the Secure+ CLI
The Java-based Connect:Direct Command Line Interface (Secure+ CLI) and sample script enable you to create customized script that automate creating an initial installation of IBM Connect:Direct, populating the Secure+ parameters file, and managing node records. You can then distribute these scripts throughout your enterprise to implement the IBM Connect:Direct application. Before you create the scripts for distribution, consider creating an installation of Connect:Direct Secure Plus using the Secure+ Admin Tool and testing it to verify the results.
Displaying the IBM Connect:Direct Node Information
After you set up node records in Connect:Direct Secure Plus, you can view all of the nodes and their attributes from the Secure+ Admin Tool Main Menu Window . To display a Connect:Direct Secure Plus node record, open it by double-clicking the node record name.
Connect:Direct Secure Plus Statistics Record Information
IBM Connect:Direct logs statistics for IBM Connect:Direct Process activity. IBM Connect:Direct statistics includeConnect:Direct Secure Plus information for a Process.
Secure+ Parameters File Auditing
IBM Connect:Direct provides auditing of Secure+ parameters files and certificates for archival purposes.
Connect:Direct Secure Plus Troubleshooting
Use the following table to help troubleshoot problems with Connect:Direct Secure Plus:
Configuration Worksheets
Certificate Files
The SSL and TLS security protocols use a secure server RSA X.509V3 certificate to authenticate your site to any client that accesses the server and provides a way for the client to initiate a secure session. You obtain a certificate from a certificate authority or you can create a self-signed certificate. When you obtain a certificate file, a trusted root certificate file and key file are created. This topic describes the layout of the trusted root certificate file and the key certificate file.
Model Automation Scripts
The following scripts are provided as models for creating custom scripts to define your Connect:Direct Secure Plus environment and automate the implementation of it. To prevent any loss of data, you cannot run the scripts, but you can save them with a different name and modify them to suit your needs.
Encrypt Passwords for use with CLI
Security Concepts
Cryptography is the science of keeping messages private. A cryptographic system uses encryption keys between two trusted communication partners. These keys encrypt and decrypt information so that the information is known only to those who have the keys.
Secure Plus UNIX Video Tutorials
You can view video tutorials about the installation, configuration, troubleshooting, and other technical features of Connect:Direct Secure Plus for UNIX.
Protocol Support
Connect:Direct Secure Plus Tools
Connect:Direct Secure Plus consists of five components:
Before You Begin
Before you configure the IBM Connect:Direct environment for secure operations, ensure that you complete the following tasks: