Creating a CDSA Secure+ (Secure Plus) profile

You can create a CDSA Secure+ (Secure Plus) profile.

  1. Sign in to PEM Partner Repository as a Sponsor Administrator.
  2. Click Directory. By default, the details of the Partners tab are displayed.
  3. In the Actions column, select CDSAS Configuration from the list for the appropriate company. The CDSAS Configuration window opens.
  4. Click the appropriate CDSA Secure+ (Secure Plus) protocol such as CDSAS Inbound Pull, CDSAS Inbound Push, CDSAS Outbound Pull, or CDSAS Outbound Push that you want to configure.
  5. Click Create. An appropriate window opens.
    For example, if you select CDSAS Inbound Pull, the CDSAS Inbound Pull window opens.
  6. Optional: In the Name field, enter the name of the CDSA Secure+ (Secure Plus) profile. If left blank, the name is automatically generated when you save your changes.
  7. Optional: In Configuration Types, click Select to select the configuration types for the profile. The Select Configuration Types window opens.
    1. Click the appropriate configuration type from the list. Otherwise, click Add. The Configuration Type window opens.
    2. From the Type list, select the appropriate configuration type.
    3. Optional: In the Checkpoint Interval field, specify the byte interval for checkpoint support, which allows restart of interrupted transmissions at the last valid checkpoint point. Therefore, it reduces the time to retransmit the file. Valid value is number of bytes, in one of the following formats:
      • nnnnnnnnnn
      • nK or nM
      • nm or nk
    4. Optional: In the Disposition Applied To Remote File field, specifies how the destination file is to be created on the remote server.
    5. Optional: In the Remote File Name field, enter the name of the destination file that is copied to the remote server.
    6. In the Local Node Name field, enter the name of the local server.
    7. In the Local Host field, enter the local host name or IP address. A valid Host name can contain alphanumerical string of characters [A-Z] and [a-z], numbers [0-9], hyphen, and a period.
    8. In the Local Port field, enter the local port number. The valid values are 1-32767.
    9. Optional: In Local User Credential, click Select.... The Select User Credential window opens. From the list, select the local user credential name that you want to add.
    10. In Remote User Credential, click Select.... The Select User Credential window opens. From the list, select the remote user credential name that you want to add.
    11. Optional: In the Max Local Node Sessions field, enter the maximum concurrent connections for all local nodes. The default value is 5.
    12. Optional: In the Max Remote Node Sessions field, enter the maximum concurrent connections for all remote nodes. The default value is 5.
    13. In the Remote Node Name field, enter the name of the remote server.
    14. In the Remote Host field, enter the remote host name or IP address.
    15. In the Remote Port field, enter the remote port number. The valid values are 1-32767.
    16. Optional: In the Sysopts To Remote File field, enter the sysopts to be applied to a remote file.
    17. Optional: From the Require Client Authentication list, select the default authentication type or change to match your system. The default value is Yes.
    18. Optional: In the Certificate Common Name field, specify to verify the certificate common name that is applicable for signed certificates that are used.
    19. Optional: In the Alternate Comm Info field, enter the alternative communication information (communication path) to be used if the node has more than one outgoing IP address. Specify the IP addresses or host names in a comma-delimited list.

      Provides the support for establishing netmap-checked sessions with high-availability (especially load balancing) systems with multiple IP addresses. Use this parameter to list all IP addresses or host names that are part of the multiple IP address environment. If a remote node has more than one outgoing IP address (as in a load balancing environment), specify all of the remote node's possible outgoing addresses in the Alternate Comm info field so that those outgoing IP addresses are contained in the local node's netmap entry for that remote node. This configuration ensures to check netmap to succeed when the remote node connects to the local node by using any of the possible outgoing IP addresses specified.

    20. Optional: In Extensions, click Select.... The Select Extensions window opens.
      1. Click Add. The Select Extensions window opens.
      2. In the Name field, enter the extension name.
      3. In the Value field, enter the extension value.
      4. Click OK.
    21. In Certificates, click Select. The Select Certificates window opens. You can select the CA digital certificate to be used for validating the server for this connection, which is chosen from the list of CA certificates that are imported into PEM Partner Repository.
      1. Click Add. The Certificate window opens.
      2. From the Certificate Type list, select CA. By default, CA certificate type is displayed.
      3. In SSL Certificate, click Select.... The Select SSL Certificate window opens that provides the list of certificates. Select the appropriate certificate from the list.
    22. Optional: In System Certificate, click Select.... The Select SSL Certificate window opens. Select the system certificate from the list, and click Clear.
    23. Optional: From the NIST Compliance list, select the appropriate compliant certificate for configuring CDSAS profile.
    24. From the Security Protocol list, select the security protocol.
    25. In Cipher Suites, select a cipher suite value and click right arrow ("greater than" symbol) (>) to add the value to the selected cipher suite list.

      To move any cipher suite value out of the selected cipher suite list, click the left arrow ("less than" symbol) (<).

  8. Close all the other windows by clicking OK.
  9. Click Save to save your changes.