Introduction to Sterling Connect:Direct Secure Plus for UNIX
The IBM® Sterling Connect:Direct® Secure
Plus for UNIX application provides
enhanced security for Sterling Connect:Direct and is available as
a separate component. It uses cryptography to secure data during transmission.
You select the security protocol to use with Sterling Connect:Direct Secure Plus.
Introduction to Sterling Connect:Direct Secure Plus for UNIX
The IBM Sterling Connect:Direct Secure Plus for UNIX application provides enhanced security for Sterling Connect:Direct and is available as a separate component. It uses cryptography to secure data during transmission. You select the security protocol to use with Sterling Connect:Direct Secure Plus.
Plan Your Implementation of the SSL or TLS Protocol
Set Up Sterling Connect:Direct Secure Plus
Before you can configure the node definitions that are necessary for using Sterling Connect:Direct Secure Plus, you must complete the following tasks:
Node Configuration Overview
Before you begin using Sterling Connect:Direct Secure Plus, you must configure nodes for secure operations.
Configure Certificate Authentication for Client API Connections
Automate Setup with the Secure+ CLI
The Java-based Sterling Connect:Direct Command Line Interface (Secure+ CLI) and sample script enable you to create customized script that automate creating an initial installation of Sterling Connect:Direct, populating the Secure+ parameters file, and managing node records. You can then distribute these scripts throughout your enterprise to implement the Sterling Connect:Direct application. Before you create the scripts for distribution, consider creating an installation of Sterling Connect:Direct Secure Plus using the Secure+ Admin Tool and testing it to verify the results.
Displaying the Sterling Connect:Direct Node Information
After you set up node records in Sterling Connect:Direct Secure Plus, you can view all of the nodes and their attributes from the Secure+ Admin Tool Main Menu Window . To display a Sterling Connect:Direct Secure Plus node record, open it by double-clicking the node record name.
Sterling Connect:Direct Secure Plus Statistics Record Information
Sterling Connect:Direct logs statistics for Sterling Connect:Direct Process activity. Sterling Connect:Direct statistics include Sterling Connect:Direct Secure Plus information for a Process.
Secure+ Parameters File Auditing
Sterling Connect:Direct provides auditing of Secure+ parameters files and certificates for archival purposes.
Sterling Connect:Direct Secure Plus Troubleshooting
Use the following table to help troubleshoot problems with Sterling Connect:Direct Secure Plus:
Configuration Worksheets
Certificate Files
The SSL and TLS security protocols use a secure server RSA X.509V3 certificate to authenticate your site to any client that accesses the server and provides a way for the client to initiate a secure session. You obtain a certificate from a certificate authority or you can create a self-signed certificate. When you obtain a certificate file, a trusted root certificate file and key file are created. This topic describes the layout of the trusted root certificate file and the key certificate file.
Model Automation Scripts
The following scripts are provided as models for creating custom scripts to define your Sterling Connect:Direct Secure Plus environment and automate the implementation of it. To prevent any loss of data, you cannot run the scripts, but you can save them with a different name and modify them to suit your needs.
Encrypt Passwords for use with CLI
Security Concepts
Cryptography is the science of keeping messages private. A cryptographic system uses encryption keys between two trusted communication partners. These keys encrypt and decrypt information so that the information is known only to those who have the keys.
Security Features
Connect:Direct Secure Plus enables you to implement multiple layers of security. You can select one of two security protocols to secure data during electronic transmission: Transport Layer Security (TLS) or Secure Sockets Layer protocol (SSL). Depending on the security needs of your environment, you can also validate certificates using the IBM Sterling External Authentication Server application.
Secure Plus UNIX Video Tutorials
You can view video tutorials about the installation, configuration, troubleshooting, and other technical features of Connect:Direct Secure Plus for UNIX.
Protocol Support
Sterling Connect:Direct Secure Plus Tools
Sterling Connect:Direct Secure Plus consists of five components:
Before You Begin
Before you configure the Sterling Connect:Direct environment for secure operations, ensure that you complete the following tasks: