Configuration Guidelines
When you use the manual method to populate the parameter file, you should consider disabling all protocols and external authentication and allow override in the local node record. Review the Node Configuration Table to determine the configuration approach that best suits your needs, and use the following guidelines when you configure the local node record manually:
- Disable the Connect:Direct® Secure Plus protocols (TLS/ SSL) in the local node record. Then configure each remote node record with the protocol used by that trading partner. To disable all protocols and the External Authentication Server application, you must change Default to Local Node settings in the following panels: SSL/TLS Parameters and EA Parameters. Allow overrides in the Local Node settings.
- Disable external authentication.
- For all environments, you must define required settings in the local node record, including certificate information used with the TLS or SSL protocol. You can also define optional settings in the local node record and use them in all remote node records.
- Read all warning and error messages. You can continue configuring the environment without resolving warning messages, but you may be unable to perform secure communications. You must resolve all errors before saving the parameter file.
- To enable secure connections using Connect:Direct Secure Plus, you must complete the procedures in Adding the Local Node Record to the Parameter File Manually for the SSL or TLS Protocol, Adding a Remote Node Record to the Parameter File Manually for the SSL or TLS Protocol, and Connect:Direct Secure Plus Operation Enablement and Validation.
- Before you start the Secure+ Admin Tool to add your local and remote node records, verify that you have allocated the ISPF libraries in your TSO session that are required to save the Connect:Direct Secure Plus parameter file (see IBM® Connect:Direct ISPF Libraries in TSO for details).