Update the .Local Node Record

The update localnode command configures the protocol for the .Local node record. The command has the following parameters:

Command Parameter Values
update localnode protocol=Specifies a comma delimited list of Protocols to use in the .Local node record. Disable | TLS 1.2,TLS 1.3

(See Display Protocols)

TLS1.0, TLS1.1, SSL3.0 are deprecated and should not be used. It is recommended that trading partners using deprecated protocols migrate to TLS 1.3 or TLS 1.2.

  SecurityMode Disable | FIPS140-2 | SP800-131A_TRANSITION | SP800-131A_STRICT | SUITE_B-128 | SUITE_B-192

(See Display SecurityModes)

  override=Identifies if values in the remote node can override values defined in the .Local node record. y | n
  AuthTimeout=Specifies the maximum time, in seconds, that the system waits to receive the IBM Connect:Direct® control blocks exchanged during the IBM Connect:Direct authentication process. 0–3600

The default is 120 seconds.

  KeyCertLabel=Identifies the label of the key certificate. keycert label | null
Note: If no keycert label is specified, the following should be noted:

Pnode sessions will fail if the remote node requires client authentication.

Snode sessions will fail.

  EncryptData=If no is specified, Encrypt Only Control Block Information; data is sent unencrypted. Default is Yes - data and control block information are encrypted. y | n
  ClientAuth = Enables client authentication in a .Client node record. y | n
  CipherSuites= Specifies the cipher suites enabled.

Note: Only certain cipher suites are supported in FIPS-mode.

comma delimited list of cipher suites | all | null

all—Enables all ciphers.

null—Clears any existing values from the node definition.

  SeaEnable=Enables certificate validation by Sterling External Authentication Server y | n
  SeaCertValDef=Character string defined in Sterling External Authentication Server (SEAS). character string | null

null—Clears any existing values from the node definition.