Keygen - connect_cdc_sqdata - Latest

Connect CDC (SQData) Utilities

Product type
Software
Portfolio
Integrate
Product family
Connect
Product
Connect > Connect CDC (SQData)
Version
Latest
Language
English
Product name
Connect CDC (SQData)
Title
Connect CDC (SQData) Utilities
Copyright
2024
First publish date
2000
Last updated
2024-07-30
Published on
2024-07-30T19:47:43.164598

Connect CDC SQData's Communications Architecture relies on an encryption system made up of 32 byte Public / Private key pairs. The generation of the key pairs is one of the functions performed by the SQDutil. See the Secure Communications Guide for a detailed description of the Communications Architecture and how it uses the Networking and Cryptographic Library (NaCl).

Keygen generates NaCl key pairs.

Syntax
sqdutil keygen [options]
Keyword and Parameter Descriptions
Keyword Description
-o | --output= <directory_name>/<private_key_file_name>
Note: Linux, AIX and Windows only.
Specifies the directory where the generated NaCl keys are stored and the file name of the private key. The public key will be the same file name with the .pub extension. The Defaults, If not specified will be the operating system specific "home" directory of the requesting user, id_nacl and id_nacl.pub:
  • Linux /home/<user_id> /.nacl/id_nacl and id_nacl.pub where .nacl is a hidden directory.
  • Windows C:\Users\<user_id>\AppData\Local\sqdata\id_nacl and id_nacl.pub
-f | --force Linux, Unix and Windows only

Force overwrite of the existing public / private keys.

Sample

Below is an example of a public / private key pair as they appear in their respective files.

Public Key:

5Y3FJbqOSaaImePo7fMb4I9Zm3Cw8H1oa4gVoF9Tazg= SQDUSER1@ZOS10

Private Key:
-----BEGIN NACL PRIVATE KEY-----            
L68x1APsG4Bhhv+gG4CYP3IdsSUX3fNSQ030RUy0T5I=
-----END NACL PRIVATE KEY-----    
Note:
  • On zOS, the public key is generated into the file/dataset specified in DD:SQDPUBL and the private key is generated into the file/dataset specified in DD:SQDPKEY.
  • The Azure Key Vault is supported for components running on Linux. See Add NaCL Private Key to AKV under Operational Considerations.

Example 1

zOS JCL similar to sample member NACLKEYS included in the distribution is used to generate key pairs. The JCL would be edited to conform to the operating environment. A key pair is generated for each User_ID / Started Task associated with an Connect CDC SQData process that will communicate with an associated process running on either another platform or the same platform under a different User ID.
//*-----------------------------------------------------------------  
//*    GENERATES NACL KEYS FOR DAEMON COMMUNICATION                    
//*-----------------------------------------------------------------  
//*    PARMS MUST BE ENTERED IN LOWER CASE                           
//*                                                                    
//*    PARMS: keygen                                                  
//*    Specifies that SQDUTIL should generate public/private          
//*    key and store them in the SQDPUBL DD / SQDPKEY DD, respectively
//*    SQDPUBL: the public key that will be registered with the daemon
//*    SQDPKEY: the private key that you should not share              
//*-----------------------------------------------------------------  
//JOBLIB   DD DISP=SHR,DSN=SQDATA.Vnnn.LOADLIB                        
//*                                                                    
//SQDUTIL  EXEC PGM=SQDUTIL                                            
//SYSPRINT DD SYSOUT=*                                                
//SYSOUT   DD SYSOUT=*                                                
//SQDPUBL  DD DSN=&SYSUID..NACL.PUBLIC,                                
//            DCB=(RECFM=FB,LRECL=80,BLKSIZE=21200),                  
//            DISP=(,CATLG,DELETE),UNIT=SYSDA,                        
//            SPACE=(TRK,(1,1))                                        
//SQDPKEY  DD DSN=&SYSUID..NACL.PRIVATE,                              
//            DCB=(RECFM=FB,LRECL=80,BLKSIZE=21200),                  
//            DISP=(,CATLG,DELETE),UNIT=SYSDA,                        
//            SPACE=(TRK,(1,1))                                        
//*                                                                    
//SQDPARMS DD *                                                        
keygen                                                                
/*

Example 2

The default syntax for Linux, AIX and Windows are identical and can be run at the command prompt or in a script:

sqdutil keygen

Example 3

Override the default location for application "abc" but use the recommended default file names and force them to be overwritten on Linux:

sqdutil keygen -o /var/opt/sqdata/abc/.nacl/id_nacl -f