Configuration Guidelines

When you use the manual method to populate the parameter file, you should consider disabling all protocols and external authentication and allow override in the local node record. Review the Node Configuration Table to determine the configuration approach that best suits your needs, and use the following guidelines when you configure the local node record manually:

  • Disable the Connect:Direct® Secure Plus protocols (TLS/ SSL) in the local node record. Then configure each remote node record with the protocol used by that trading partner. To disable all protocols and the External Authentication Server application, you must change Default to Local Node settings in the following panels: SSL/TLS Parameters and EA Parameters. Allow overrides in the Local Node settings.
  • Disable external authentication.
  • For all environments, you must define required settings in the local node record, including certificate information used with the TLS or SSL protocol. You can also define optional settings in the local node record and use them in all remote node records.
  • Read all warning and error messages. You can continue configuring the environment without resolving warning messages, but you may be unable to perform secure communications. You must resolve all errors before saving the parameter file.
  • To enable secure connections using IBM Connect:Direct Secure Plus, you must complete the procedures in Adding the Local Node Record to the Parameter File Manually for the SSL or TLS Protocol, Adding a Remote Node Record to the Parameter File Manually for the SSL or TLS Protocol, and IBM Connect:Direct Secure Plus Operation Enablement and Validation.
  • Before you start the Secure+ Admin Tool to add your local and remote node records, verify that you have allocated the ISPF libraries in your TSO session that are required to save the IBM Connect:Direct Secure Plus parameter file (see IBM Connect:Direct ISPF Libraries in TSO for details).