To implement the Strong Password Encryption (SPE), you
add an SPE record to the Connect:Direct® Secure Plus parameter
file in the same way you would any remote node record. After you go
through the following procedure and restart IBM Connect:Direct Secure Plus for z/OS®, the SPE feature will be in
effect.
About this task
To add an SPE record to the
IBM Connect:Direct Secure Plus parameter file and
enable the SPE feature follow the procedure given below:
Procedure
- Select Edit from the Secure+ Admin
Tool Main Screen and press Enter.
- On the Edit menu, select 1 to
display the Secure+ Create/Update Panel and pressEnter.
-
On the Secure+ Create/Update panel type .password in the Node
Name field and press ENTER. This changes the screen to enable
only fields that are appropriate for the .password record.
-
On the SPE Parameters panel, type Y to the
Enable SPE field
and
N to the disable SPE.
Press Enter to enable SPE and finish creating the SPE record by
clicking OK.
- Save the parameter file using the procedure in IBM Connect:Direct Secure Plus Operation
Enablement and Validation.
- Restart IBM Connect:Direct Secure Plus for z/OS.
- To verify that IBM Connect:Direct Secure Plus for z/OS initialization is complete
along with the SPE feature, after you restart IBM Connect:Direct Secure Plus for z/OS, review the task output for
the following messages interspersed with the other initialization
messages:
SITA460I Strong Password Encryption Initiated; CONNECT.CD.AUTH
SITA462I Strong Password Encryption Completed; CONNECT.CD.AUTH
SITA460I Strong Password Encryption Initiated; CONNECT.CD.TCQ
SITA462I Strong Password Encryption Completed; CONNECT.CD.TCQ
Note: These messages display even if no .PASSWORD record exists and no encryption is possible. If
you return to the Secure+ Create/Update Panel - SPE Parameters screen where you enabled SPE, you
should see (SPE currently in use) displayed to confirm that SPE has indeed been implemented.