Connect DB2/z using key-based authentication - Connect_CDC - connect_cdc_mimix_share - Latest

Connect CDC Getting Started Guide

Product type
Software
Portfolio
Integrate
Product family
Connect
Product
Connect > Connect CDC (MIMIX Share)
Version
Latest
Language
English
Product name
Connect CDC
Title
Connect CDC Getting Started Guide
Copyright
2024
First publish date
2003
ft:lastEdition
2024-07-19
ft:lastPublication
2024-07-19T23:32:53.515937

To enable communication between the Connect CDC server components on the mainframe and Connect CDC, generate a public/private key pair per user on both Linux and Windows systems on which you design Connect CDC metabases.

A public/private key pair is comprised of a public key, which must be added to the list of authorized keys on the Connect CDC server, and a private key, which is the secret key that Connect CDC users require to request authorization to consume captured data from the Connect CDC server.

To generate a public/private key pair for a given user:

  1.    Access the executable, cdcutil, from the following directory:

    • Linux

    <connect_install>/native
    • Windows

    <connect_install>\native
  2.     Execute the command cdcutil keygen

Upon creation, the public/private key text files, are written to the following default directories:

  • Linux

Public key: <user_home_directory>/.nacl/id_nacl.pub

Private key: <user_home_directory>/.nacl/id_nacl

  • Windows

Public key: <user_home_directory>\AppData\Local\.nacl\id_nacl.pub

Private key: <user_home_directory>\AppData\Local\.nacl\id_nacl

After generating a public/private key pair, consider the following:

  • Send the public key text files that were generated on both Linux and on Windows to the mainframe administrator for inclusion in the list of authorized keys on the Connect CDC server.

  • If the private key text files remain in the default user home directory on Linux and on Windows, no additional action is required for Connect CDC to locate the private keys. If you move the private key text file from the default user home directory on Linux, or Windows or both, create an environment variable, change references to the private key file to the new path for the impacted server connections.

Note: If you choose not to create and export an environment variable, ensure that the private key files are in the default paths on both Linux and on Windows.