Update the .Local Node Record
The update localnode command configures the protocol for the .Local node record. The command has the following parameters:
Command | Parameter | Values |
---|---|---|
update localnode | protocol=Specifies a comma delimited list of Protocols to use in the .Local node record. | Disable | TLS 1.2,TLS 1.3 (See Display Protocols) TLS1.0, TLS1.1, SSL3.0 are deprecated and should not be used. It is recommended that trading partners using deprecated protocols migrate to TLS 1.3 or TLS 1.2. |
SecurityMode | Disable | FIPS140-2 | SP800-131A_TRANSITION | SP800-131A_STRICT |
SUITE_B-128 | SUITE_B-192 (See Display SecurityModes) |
|
override=Identifies if values in the remote node can override values defined in the .Local node record. | y | n | |
AuthTimeout=Specifies the maximum time, in seconds, that the system waits to receive the IBM Connect:Direct® control blocks exchanged during the IBM Connect:Direct authentication process. | 0–3600 The default is 120 seconds. |
|
KeyCertLabel=Identifies the label of the key certificate. | keycert label | null Note: If no keycert label is specified, the following
should be noted:
Pnode sessions will fail if the remote node requires client authentication. Snode sessions will fail. |
|
EncryptData=If no is specified, Encrypt Only Control Block Information; data is sent unencrypted. Default is Yes - data and control block information are encrypted. | y | n | |
ClientAuth = Enables client authentication in a .Client node record. | y | n | |
CipherSuites= Specifies the cipher suites
enabled. Note: Only certain cipher suites are supported in FIPS-mode. For a list of the FIPS-approved cipher suites, see Special Considerations in the IBM Connect:Direct for UNIX Release Notes. |
comma delimited list of cipher suites | all | null all—Enables all ciphers. null—Clears any existing values from the node definition. |
|
SeaEnable=Enables certificate validation by Sterling External Authentication Server | y | n | |
SeaCertValDef=Character string defined in Sterling External Authentication Server (SEAS). | character string | null null—Clears any existing values from the node definition. |