Override Settings in IBM Connect:Direct Processes

After you configured Connect:Direct® Secure Plus, security is either turned on or off each time that you use IBM Connect:Direct with a node defined in the IBM Connect:Direct Secure Plus parameter file. However, you can override some default security settings in a remote node record from a IBM Connect:Direct Process using the SECURE parameter in the PROCESS or COPY statement.
Note: The more flexible you make the environment by allowing override the less security the environment becomes. Allowing override in the Remote record allows the SNODE to override the security settings as well.

To allow a business partner to override the default security setting of whether security is turned on or off for another business partner and to choose the protocol for the remote node, the following conditions must be in place:

  • Each business partner agrees all sessions are secure or non-secure as the default
  • Each business partner agrees to allow the override of the IBM Connect:Direct Secure Plus parameters by specifying OVERRIDE=Y for both the local and remote nodes in their IBM Connect:Direct Secure Plus parameter file.
  • The remote node definition in each IBM Connect:Direct Secure Plus parameter file specifies the parameters necessary for a secure session even if the protocol is disabled including all information necessary for exchanging and validating each partner's identity. All parameters related to a protocol are defined, such as SSL/TLS cipher suites and key databases.
  • IBM Connect:Direct Secure Plus is active on both nodes.

Once the IBM Connect:Direct Secure Plus parameter files for both business partners have been set up properly, you can override the default security settings on a Process-by-Process basis to perform exception processing.

For a complete description of the SECURE parameter and how to use it in the PROCESS or COPY statement, see the IBM Connect:Direct Process Language Reference Guide.