Local Node Security Feature Definition Worksheet
Record the security feature definitions for the Connect:Direct® Secure Plus local node record on this worksheet. Refer to this worksheet as you configure the local node record. If you plan to use FIPS mode, see Planning for System SSL in FIPS Mode and z/OS V1R11.0 Cryptographic Services System Sockets Layer Programming SC24-5901-08.
| Local Node Name:____________________________________________________________________________ | |
|---|---|
| TLS protocol enabled: Note: If System SSL is in
FIPS mode, TLS is the only supported protocol. See Planning for System SSL in FIPS Mode.
|
Yes _____ No ______ TLS1.0 ___ TLS1.1 ____ TLS1.2 ___TLS1.3 ___ |
| SSL protocol enabled: | Yes _____ No ______ |
| Configured Security Functions | |
| Override enabled: | Yes _____ |
| Encryption enabled: | Yes _____ No ______ |
| Authorization Timeout: Set the value equal to or greater than the value set for the IBM® Connect:Direct TCP.TIMER initialization parameter. |
__________(Numeric value equal to or greater than 0 seconds) |
| Certificate Label (label specified when the certificate
was generated using one of the security applications; may be called
LABLCERT): Note: If System SSL is in FIPS Mode, the Certificate Label
has FIPS requirements. See Planning for System SSL in FIPS Mode.
|
___________________________________________________ Valid only for SSL or TLS |
| Certificate Pathname: key database or key ring Note: If
System SSL is in FIPS Mode, the Certificate Pathname has FIPS requirements.
See Planning for System SSL in FIPS Mode.
|
___________________________________________________ Valid only for SSL or TLS |
| Password: Valid only for certificates created in a gskkyman database; leave blank for key rings. |
_____________________________________ |
| Cipher Suite(s) to Enable: Applies only to SSL and TLS Note: If System SSL is in FIPS mode, only certain ciphers
are valid. See the IBM
Connect:Direct for z/OS® Release
Notes for a list of valid FIPS-mode ciphers.
|
___________________________________________________ |
| Enable External Authentication: Applies only to SSL and TLS |
Yes _____ No ______ |