Authenticating IBM Control Center to IBM Sterling Connect:Direct with a certificate

Certificate authentication refers to the way to authenticate IBM® Control Center to a Sterling Connect:Direct® server with an IBM Control Center SSL certificate. With certificate authentication, you do not need to update the Sterling Connect:Direct node settings in IBM Control Center when the Sterling Connect:Direct passwords are changed.

When certificate authentication is enabled, IBM Control Center sends your user information to the Sterling Connect:Direct server through a secure connection. To configure IBM Control Center to monitor a Sterling Connect:Direct server with certificate authentication, see Adding a server.

You are also authorized to manage the Sterling Connect:Direct server with IBM Control Center depending on your authority with IBM Control Center. When you are creating the IBM Control Center certificate, the value in the Common Name field needs to also be a Sterling Connect:Direct User Authority that is going to be used to log in to the Sterling Connect:Direct server. The Sterling Connect:Direct user Authority controls user access to the Sterling Connect:Direct server and controls the Sterling Connect:Direct commands and statements users can use.

The following three conditions must be satisfied for a client connection to be authenticaed when the Sterling Connect:Direct server completes certificate authentication:

The certificate that is presented by the client must be trusted by the Sterling Connect:Direct server.
The Common Name of the certificate that is presented by the client must match a Sterling Connect:Direct Functional Authority entry with sufficient permission to monitor the product.
The Sterling Connect:Direct Functional Authority entry must have Certificate Authentication Client Access set to Yes.