Establishing Secure TCP API Connections to a IBM Connect:Direct Secure Plus-Enabled Server
About this task
IBM® Connect:Direct® servers that use IBM Connect:Direct Secure Plus allow you to allow secure TCP API connections. Secure API applications can include Control Center and Sterling Connect:Direct Browser User Interface.
The Connect:Direct CICS Option, IBM
Connect:Direct for z/OS®
batch interface, ISPF IUI, Console interface and Interconnect Option (ICO) do not support a
secure connection. If a .CLIENT
record is enabled, ensure that SNA protocol is
available and configured for these User Interfaces.
To enable secure TCP API connections, define a remote node record called .CLIENT
and disable override. Additionally, identify the protocol to use for secure API connections.
Defining a remote node called .CLIENT
and disabling override prevents nonsecure
connections to the IBM Connect:Direct
server without disabling override settings in the local node record.
An API configuration follows the same rules as other remote node connections with the following exceptions:
- API connections use either the SSL or the TLS security protocol.
- The IBM Connect:Direct server supports TCP and defines a TCP API port for these connections. Refer to IBM Connect:Direct for z/OS Administration Guide for instructions on setting up TCP API support on the server.
- Settings in the .CLIENT node definition automatically override the local node.
To configure a .CLIENT remote node record when IBM Connect:Direct Secure Plus is enabled: