Scenario 7 - Modifying the Connect:Direct Server Adapter Configuration to Use Sterling Connect:Direct Secure Plus (V5.2 - 5.2.5)
Use the following procedure to modify a Connect:Direct Server Adapter in Sterling B2B Integrator to enable it to use Sterling Connect:Direct® Secure Plus:
- From the Deployment menu, select Services > Configuration.
- To select an existing Connect:Direct Server Adapter, use the Search or List pane to display and select the adapter, and click Go!.
- Select edit on the Services Configuration page and then click Next until you see Encryption page.
- Configure the following fields for this scenario.
| Field | Value to Enter | Description |
|---|---|---|
| Encryption using Secure+ | Enabled. | Whether Sterling Connect:Direct Secure Plus is enabled. Required. Valid values are Enabled and Disabled. Default is Disabled. |
| Enable Netmap Node Override | Select Yes for this scenario. Configure Sterling Connect:Direct Secure Plus at the adapter level and allow node level settings to override the adapter Sterling Connect:Direct Secure Plus settings. | If Yes, specifies that remote node netmap security settings override the adapter security settings. Required. Valid values are Yes and No. Default is No. |
| CA Certificates | Select the CA certificate you checked in above. This is the CA root certificate for the Sterling Connect:Direct server. |
Drop-down menu that contains a list of trusted Certificate Authority public certificates. Only displayed if "Encryption using Secure+" is enabled. Required if Encryption using Secure+ is enabled. Valid values are all CA certificates in this installation of your application. |
| System Certificate | Select the System certificate you checked in above. This is the certificate for the Connect:Direct Server Adapter node. |
List of private keys and public certificates signed by the trading partner trusted certificate authority. This represents the certificate for the local node (this adapter). Only displayed if Encryption using Secure+ is enabled. Required if Encryption using Secure+ is enabled. Valid values are all system certificates in this installation of your application. |
| Certificate Common Name | If you want to verify the Common Name of the Sterling Connect:Direct CA
certificate, specify it here. This feature is only available if you use signed certificates. Coordinate this with the remote Sterling Connect:Direct administrator. |
Value to be compared with the Common Name (CN)
field from the remote node's certificate during TLS/SSL handshake
in order to enhance certificate authentication. Only displayed if
Encryption using Secure+ is enabled. May be overridden at the node
level. Note: To see the actual CNs being compared during the handshake, set the Perimeter Services logging level to ALL. |
| Cipher Suites | Select which cipher suites you wish to use. Coordinate this list with the remote Sterling Connect:Direct administrator. Best practice is to list cipher suites in strongest to weakest order. |
Indicates cipher suites available to support varying encryption levels. Multiple selections allowed. Selections can be rank ordered. Only displayed if "Encryption using Secure+" is enabled. Required if "Encryption using Secure+" is enabled. Valid values are all available cipher suites in this installation of your application. |
| SSL or TLS | Select SSL or TLS. Coordinate this choice with the remote Sterling Connect:Direct administrator. |
Indicates if Sterling Connect:Direct Secure Plus is enabled using SSL or TLS. Only displayed if "Encryption using Secure+" is enabled. Required if "Encryption using Secure+" is enabled. Valid values are SSL and TLS. Default is TLS. |
| Require Client Authentication | Select Yes or No for client authentication. Coordinate this choice with the Sterling Connect:Direct administrator. |
Indicates whether authentication occurs at the
client level. Valid values are: Yes No |