Disabling IBM Connect:Direct Secure Plus in a Remote Node Record

If you have remote nodes that do not use Connect:Direct® Secure Plus, then you must disable all protocols for those node.

To disable all protocols in a remote node record imported from the network map:

  1. Type U next to the remote node record to update and press Enter to display the current values for the selected node.
    Note: An asterisk in a field on the Secure+ Admin Main Screen indicates the value Default to Local Node. 
    File  Edit  Help                                                            
_____________________________________________________________________________
 CD.ZOS.NODE         Secure+ Admin Tool: Main Screen              Row 1 of 7
 Option ===> __________________________________________________  Scroll CSR 
                        
                          Table Line Commands are:                             
                                                                               
  U Update node           H View History          D Delete node                
  I Insert node           V View node                                          
                                                                               
  Node Filter : *_______________                                                              
                                                                               
                           Secure+                      External Client        
 LC Node Name         Type Protocol Override Encryption   Auth    Auth         
 -- ----------------  ---- -------- -------- ---------- -------- --------      
 __ .CLIENT            R   *            N         *         *       *          
 __ .EASERVER          R   TLSV10       N         *         N       *          
 __ .PASSWORD          R   Disabled     *         *         *       *          
 __ CD.UNIX.NODE       R   TLSV10       *         *         *       *          
 __ CD.UNIX.NODE2      R   TLSV12       *         *         *       *          
 __ CD.ZOS.NODE        L   Disabled     Y         N         N       N          
 __ CD.ZOS.NODE2       R   *            *         *         *       *          
********************************* BOTTOM OF DATA ****************************
  2. Select EA Parameters and press Enter.
  3. In the EA Parameters panel, disable the External Authentication parameter by typing N beside the External Auth field, if necessary. The remaining external authentication parameters are unavailable because they are valid only for the .EASERVER remote node record.
  4. Select SSL/TSL Parameters in the panel selection line and press Enter.
  5. If necessary, disable the SSL and TLS protocols by typing N beside the Enable SSL and Enable TLS fields.
    Note: With latest version release of IBM Connect:Direct for z/OS® (v6.3), for SSL, TLS 1.0, and TLS 1.1, you can either set the protocols to ‘Default to Local’ by typing D beside the Enable SSL and Enable TLS fields or, you can disable these protocols by typing N beside Enable SSL and Enable TLS fields; enabling older SSL and TLS protocols is not allowed. Once disabled, you’ll not be able to enable these protocols again with v 6.3.
  6. If necessary, disable the SSL and TLS protocols by typing N beside the Enable SSL and Enable TLS fields, if necessary.
  7. Select OK and press Enter to display the updated values.
  8. Read all warning and error messages. You can continue configuring the environment without resolving warning messages, but you may be unable to perform secure communications. You must resolve all errors before saving the parameter file.
  9. Save the parameter file using the instructions in IBM Connect:Direct Secure Plus Operation Enablement and Validation.