Manage Remote Node Records
This section contains the commands and parameters used to create, update, display, and delete remote node records.
Create a Remote Node Record
The create remotenode command creates a remote node record and configures the protocol settings. The command has the following parameters:
Command | Parameter | Values |
---|---|---|
create remotenode | model=Name of an existing node to use as a model to copy from. | name of a valid remote node |
Name=Identifies name of the remote node record. | name | |
protocol=Specifies a comma delimited list of Protocols to use in the remote node record. | Disable | TLS1.2,TLS 1.3 |DefaultToLN TLS1.0, TLS1.1, SSL3.0 are deprecated and should not be used. It is recommended that trading partners using deprecated protocols migrate to TLS 1.3 or TLS 1.2. (See Display Protocols) |
|
SecurityMode | Disable | FIPS140-2 | SP800-131A_TRANSITION | SP800-131A_STRICT | SUITE_B-128 |
SUITE_B-192 | DefaultToLN
(See Display SecurityModes) |
|
override=Identifies if values in the copy statement can override values defined in the remote node record. | y | n | DefaultToLN | |
AuthTimeout=Specifies the maximum time, in seconds, that the system waits to receive the IBM Connect:Direct control blocks exchanged during the IBM Connect:Direct authentication process. | 0–3600 The default is 120 seconds. |
|
KeyCertLabel=Identifies the label of the key certificate. | keycert label | null | |
EncryptData=If no is specified, Encrypt Only Control Block Information; data is sent unencrypted. Default is Yes - data and control block information are encrypted. | y | n | DefaulttoLN | |
ClientAuth = Enables client authentication with a remote trading partner. | y | n | DefaultToLN | |
CertCommonName=The certificate common name defined in the certificate. | name | null null—Clears any existing values from the node definition. |
|
CipherSuites= Specifies the cipher suites enabled. | comma delimited list of cipher suites | All | null | |
SeaCertValDef=Character string defined in Sterling External Authentication Server (SEAS). | character string | null null—Clears any existing values from the node definition. |
Update the Remote Node Record
The update remotenode command creates a remote node record and configures the protocol settings. The command has the following parameters:
Command | Parameter | Values |
---|---|---|
update remotenode | Name=Specifies name for the remote node record. | remote node name | wildcard Use wildcard characters to update a group of remote node records. The options are: Asterisk (*)—Any number of characters. Example: kps.* displays remote nodes with a name that starts with kps. Question mark (?)—Single character. Example: k?s.* displays kas.* and kbs.*. |
protocol=Specifies a comma delimited list of Protocols to use in the remote node record. | Disable | TLS 1.2, TLS 1.3 | DefaultToLN
TLS1.0, TLS1.1, and SSL3.0 are deprecated and should not be used. It is recommended that trading partners using deprecated protocols migrate to TLS 1.3 or TLS 1.2. (See Display Protocols) |
|
SecurityMode | Disable | FIPS140-2 | SP800-131A_TRANSITION | SP800-131A_STRICT | SUITE_B-128 | SUITE_B-192 | DefaultToLN | |
override=Identifies if values in the copy statement can override values defined in the remote node record. | y | n | DefaultToLN | |
AuthTimeout=Specifies the maximum time, in seconds, that the system waits to receive the IBM Connect:Direct control blocks exchanged during the IBM Connect:Direct authentication process. | 0–3600 The default is 120 seconds. |
|
KeyCertLabel=Identifies the label of the key certificate. | keycert label | null | |
EncryptData=If no is specified, Encrypt Only Control Block Information; data is sent unencrypted. Default is Yes - data and control block information are encrypted. | y | n | DefaulttoLN | |
ClientAuth = Enables client authentication with a remote trading partner. | y | n | DefaultToLN | |
CertCommonName=The certificate common name defined in the certificate. | name | null null—Clears any existing values from the node definition. |
|
CipherSuites= Specifies the cipher suites
enabled. Note: Only certain cipher suites are supported in FIPS-mode. For a list of the FIPS-approved cipher suites, see Special Considerations in the IBM Connect:Direct for UNIX Release Notes. |
comma delimited list of cipher suites | All | null | |
SeaEnable=Enables certificate validation by Sterling External Authentication Server. | y | n | DefaultToLN DefaultToLN—Defaults to the setting specified in the .Local node record |
|
SeaCertValDef=Character string defined in Sterling External Authentication Server (SEAS). | character string | null null—Clears any existing values from the node definition. |
Display a Remote Node Record
The display remotenode command displays information about one or more remote node records. The command has the following parameter:
Parameter | Values |
---|---|
name=Name of the remote node record to display information about. | node name | wildcard value To display information about more than one remote node record, use wildcard characters. Use wildcard characters to display information about a group of remote node records. The options are: Asterisk (*)—Any number of characters. Example: kps.* displays remote nodes with a name that starts with kps. Question mark (?)—A single character. Example: k?s.* displays kas.* and kbs.*. |
Manage Remote Node Records
Create Alias
The create alias command will create an alias record for an existing node record in the Secure+ parmfile. The command has the following parameter:
Command | Parameter | Value |
---|---|---|
create alias | name=The alias name to be used. | An alias name for an existing node name record. |
basename=The name of the existing node record. | The existing node name |
Delete a Remote Node Record
The delete remotenode command deletes one or more remote node records. The command has the following parameter:
Parameter | Values |
---|---|
name=Name of the remote node record to display information about. Use wildcard characters to delete a group of remote node records. |
remote node name | wildcard value To display information about more than one remote node record, use wildcard characters. Use wildcard characters to display information about a group of remote node records. The options are: Asterisk (*)—Any number of characters. Example: kps.* displays remote nodes with a name that starts with kps. Question mark (?)—A single character. Example: k?s.* displays kas.* and kbs.*. |