Connect:Direct Secure Plus Parameter File

The Connect:Direct® Secure Plus parameter file contains information that determines the protocol and encryption method used during security-enabled IBM® Connect:Direct operations. To configure Connect:Direct Secure Plus, each site must have a parameter file that contains one local node record and a remote node record for each trading partner that uses Connect:Direct Secure Plus to establish a secure connection. The local node record defines the most commonly used security and protocol settings at the site and can be used as a default for one or more remote node records. Each remote node record defines the specific security and protocol settings used by a trading partner.

For additional security, the parameter file is stored in an encrypted format. The information used for encrypting and decrypting the parameter file (and private keys) is stored in the Connect:Direct Secure Plus access file.

Passwords stored in the TCQ and AUTH files are protected by encrypting them with Connect:Direct Secure Plus's proprietary "Polyalphabetic Substitution Cipher", which is a weak form of encryption. A stronger encryption algorithm, TDESCBC112, can be used if you add a .PASSWORD record to the Connect:Direct Secure Plus parameter file. After you create this record, enable the Strong Password Encryption (SPE) feature, and restart Connect:Direct Secure Plus, SPE protects Connect:Direct Secure Plus passwords stored in the TCQ and AUTH files with the stronger algorithm. For more information on using this feature, refer to Implementing Strong Password Encryption.