Override Settings in IBM Connect:Direct Processes
After you configured Connect:Direct® Secure Plus, security is either
turned on or off each time that you use IBM® Connect:Direct with a node defined in the
Connect:Direct Secure Plus parameter file.
However, you can override some default security settings in a remote node record from a IBM Connect:Direct Process using the SECURE
parameter in the PROCESS or COPY statement.
Note: The more flexible you make the environment by
allowing override the less security the environment becomes. Allowing override in the Remote record
allows the SNODE to override the security settings as well.
To allow a business partner to override the default security setting of whether security is turned on or off for another business partner and to choose the protocol for the remote node, the following conditions must be in place:
- Each business partner agrees all sessions are secure or non-secure as the default
- Each business partner agrees to allow the override of the Connect:Direct Secure Plus parameters by specifying OVERRIDE=Y for both the local and remote nodes in their Connect:Direct Secure Plus parameter file.
- The remote node definition in each Connect:Direct Secure Plus parameter file specifies the parameters necessary for a secure session even if the protocol is disabled including all information necessary for exchanging and validating each partner's identity. All parameters related to a protocol are defined, such as SSL/TLS cipher suites and key databases.
- Connect:Direct Secure Plus is active on both nodes.
Once the Connect:Direct Secure Plus parameter files for both business partners have been set up properly, you can override the default security settings on a Process-by-Process basis to perform exception processing.
For a complete description of the SECURE parameter and how to use it in the PROCESS or COPY statement, see the IBM Connect:Direct Process Language Reference Guide.