Disabling Strong Password Encryption

If the Strong Password Encryption feature is backed out inappropriately by deleting the .PASSWORD record while encrypted passwords exist in the TCQ and AUTH files in the SPE format, you will see one of the messages listed in the following section, SPE Problem Troubleshooting. If the SPE feature is backed out inappropriately, the only option is to COLD start the TCQ and rebuild the entire AUTH file.

Follow the procedure in this section, restart IBM Connect:Direct Secure Plus for z/OS®, and then enable the SPE feature again. Perform this procedure as documented, do not vary from the procedure.

To disable the SPE feature:

  1. Start the Secure+ Admin Tool to display the Secure+ Admin Tool: Main Screen, which displays the nodes populated from the IBM Connect:Direct Secure Plus for z/OS network map along with other records in the IBM Connect:Direct Secure Plus parameter file.
      File  Edit  Help                                                            
     CD.ZOS.NODE         Secure+ Admin Tool: Main Screen              Row 1 of 7
     Option ===> __________________________________________________  Scroll CSR 
                              Table Line Commands are:                             
      U Update node           H View History          D Delete node                
      I Insert node           V View node                                          
      Node Filter : *_______________                                                              
                               Secure+                      External Client        
     LC Node Name         Type Protocol Override Encryption   Auth    Auth         
     -- ----------------  ---- -------- -------- ---------- -------- --------      
     __ .CLIENT            R   *            N         *         *       *          
     __ .EASERVER          R   TLSV10       N         *         N       *          
     __ .PASSWORD          R   Disabled     *         *         *       *          
     __ CD.UNIX.NODE       R   TLSV10       *         *         *       *          
     __ CD.UNIX.NODE2      R   TLSV12       *         *         *       *          
     __ CD.ZOS.NODE        L   Disabled     Y         N         N       N          
     __ CD.ZOS.NODE2       R   *            *         *         *       *          
    ********************************* BOTTOM OF DATA ****************************
  2. Type U next to the .PASSWORD record and press Enter to display the Secure+ Create/Update Panel - SPE Parameters screen.
  3. On the SPE Parameters panel, type N next to the Enable SPE field and press Enter.
  4. Save the parameter file using the procedure in IBM Connect:Direct Secure Plus Operation Enablement and Validation.
  5. Restart IBM Connect:Direct Secure Plus for z/OS.