SSL/TLS Parameters

The following table describes the parameters displayed when you select SSL/TLS Parameters from the Secure+: Create/Update panel.
Note: If System SSL is in FIPS mode, then TLS is the only supported protocol. See Planning for System SSL in FIPS Mode
Table 1.
                       Secure+ Create/Update Panel            
Option ===> 

Node Name:   CD.ZOS.NODE        Type:  L       (Local or Remote) 
--------------------------------------------------------------------------
 Security Options     |  EA Parameters        |  SSL/TLS Parameters       |
 ---                     --                      ---                      |
--------------------------------------------------------------------------

Enable Client Auth            N                 (Yes   No   Default to Local)
Enable Data Encrypt           N                 (Ignored  Forced to Y)

                               ------------------------------------------- 
   Certificate Label          | CD_CERT                                   | 
       Cipher Suites          | 13021301009D003D0035009C003C002F000A003B  | 
Certificate Pathname          | /u/USER11/CDDEMO1.kdb                     | 
Certificate Common Name       |                                           | 
                               ------------------------------------------- 




                                                     OK        Cancel    
                                                     --        ---
SSL/TLS Parameters Valid for the Local Node? Valid for the Remote Node?
Enable Client Auth Not a good idea to enable this parameter in the local node record. Yes. Valid only for remote nodes that use the SSL or TLS protocol.
Enable Data Encrypt Deprecated (But Valid for lower release) Deprecated (But Valid for lower release)
Certificate Label Yes

Optional, if a default certificate is defined in the key store.

Yes, if required to over ride to Local record
Certificate Path name Yes, required No, can only be specified on the Local record
Certificate Common Name Yes, but generally not specified on the Local record Yes, commonly used in the Remote record