Securing the Connect:Direct connection by using the SSL or TLS protocol

The first step to strengthen security is to secure the communications channel. This procedure describes how to enable an SSL or TLS protocol for the Connect:Direct® connections to and from Secure Proxy in a netmap you created in the basic configuration.

To require that Secure Proxy perform common name checking, enable this option and identify the common name in the configuration.

Before you can configure this option, you must obtain the necessary certificates and place them in the Secure Proxy Cert Store. Refer to About SSL/TLS certificates for instructions.

To enable an SSL or TLS protocol:

  1. Select Configuration from the menu bar.
  2. Expand the Netmaps tree and select a netmap to modify.
  3. Select a node to modify, and click Edit.
  4. Click the Security tab, and then click Use secure+ to enable security.
  5. To enable common name checking:
    1. Click Verify Common Name.
    2. Type the certificate common name in the Certificate Common Name field.
  6. Select values for the following fields:
    • Security Setting
    • Trust Store
    • CA Certificates/Trusted Root
      Important: Be sure to highlight the certificate to select. If only one certificate is displayed in the field, it is not selected until you highlight it.
    • Key Store
    • Key/System Certificate
    • Selected Cipher Suites
  7. Click OK.
  8. Click Save.
  9. Establish a session that is initiated by a Connect:Direct PNODE to test the configuration.
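
Step 5 depends on typing a value that matches the certificate, so the following added example (not part of the product or its documentation) reads the subject common name from a PEM certificate with the openssl command-line tool and compares it with the value you plan to enter. It assumes the node's certificate is available as a PEM file; the file names, the sample common name, and the exact, case-sensitive comparison are assumptions made for the example, not a description of how Secure Proxy matches names.

```bash
#!/usr/bin/env bash
# Added example, not product code. The file names and the sample common name
# are constructed. Requires the openssl command-line tool.

# Create a throwaway self-signed certificate that stands in for the node's
# certificate. $1 = output PEM file, $2 = common name to embed.
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/C=US/O=Example Corp/CN=$2" \
        -keyout "$1.key" -out "$1" 2>/dev/null
}

# Print every commonName attribute in the certificate subject, one per line.
cert_common_names() {
    openssl x509 -in "$1" -noout -subject -nameopt multiline 2>/dev/null |
        sed -n 's/^ *commonName *= //p'
}

# Return 0 if the value intended for the Certificate Common Name field equals
# a subject CN exactly, 1 if it does not, 2 if the certificate is unusable.
# Exact, case-sensitive comparison is an assumption made for this example.
check_common_name() {
    local cert=$1 expected=$2 names
    if ! openssl x509 -in "$cert" -noout 2>/dev/null; then
        echo "cannot parse certificate: $cert" >&2
        return 2
    fi
    if ! openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1; then
        echo "certificate has expired: $cert" >&2
        return 2
    fi
    names=$(cert_common_names "$cert")
    if [ -n "$expected" ] && printf '%s\n' "$names" | grep -Fxq -- "$expected"; then
        return 0
    fi
    echo "no subject CN equals '$expected' (found: ${names:-none})" >&2
    return 1
}

# Command-line use: ./check_cn.sh node.pem cd-node.example.com
if [ "$#" -eq 2 ]; then
    check_common_name "$1" "$2"
fi
```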