Secure+ Parameters File

The Connect:Direct® Secure Plus parameters file (Secure+ parameters file) contains information that determines the protocol and encryption method used during encryption-enabled Connect:Direct Secure Plus operations. To configure Connect:Direct Secure Plus, each site must have a Secure+ parameters file that contains one local node record and at least one remote node record for each trading partner who uses Connect:Direct Secure Plus to perform a secure connection. The local node record defines the most commonly used security and protocol settings for the node at the site. The local node record can also be used as a default for one or more remote node records. Each remote node record defines the specific security and protocol settings used by a trading partner. You should create a remote node record in the Secure+ parameters file for each Connect:Direct node that you communicate with even if the remote node does not use Connect:Direct Secure Plus.

Note: The Secure+ parameters file is not dynamically updated. When multiple users update the Secure+ parameters file, each user must close and reopen the file to display new records added by all sources.

When you create the Secure+ parameters file, a record named .SEAServer is automatically added to the file, which enables Connect:Direct to interface with Sterling External Authentication Server during TLS session. External authentication is configured in this record and enabled/disabled in the local and remote node records.

With v6.1, Connect:Direct Secure Plus support to cache certificate validation responses from External Authentication Server when it interfaces External Authentication Server during a TLS session. This minimizes the overhead associated with requesting certificate validation from External Authentication Server, thus eliminating the need for Connect:Direct Secure Plus to query External Authentication Server each time. External Authentication Server response caching feature is disabled by default. To enable it see, Update the Sterling External Authentication Server Record and Configure External Authentication in the .SEAServer Record.

For additional security, the Secure+ parameters file is stored in an encrypted format. The information used for encrypting and decrypting the Secure+ parameters file (and private keys) is stored in the Secure+ access file.