Default Cipher Suite Override

The business partners agreed by default all sessions are secure and chose TLS as the default protocol. Both partners specified the following configuration in their Connect:Direct® Secure Plus parameter files:

  • Enabled the TLS protocol
  • Specified OVERRIDE=Y in both the Local and Remote Node records
  • Selected TLS_RSA_WITH_RC4_128_MD5 as the cipher suite to use when executing Processes

To override the default cipher suite and use TLS_RSA_WITH_3DES_EDE_CBC_SHA when executing a particular Process, they use the following PROCESS statement:

NEWCIPHER PROCESS SNODE=OTHERBP SECURE=(TLS,TLS_RSA_WITH_3DES_EDE_CBC_SHA)