The IASCRYPT file contains the actual encryption keys for the CRYPTNAMEs mentioned in IASAGENT. This file is a separate file so that you can use external data set security to control access if necessary.
One of the most important purposes for this file is to ensure the encryption keys that are defined on the agent match the encryption keys coded in this member/file. If the encryption keys do not match between CA WA CA 7 Edition and the agent, communication is not successfully established and the agent does not execute jobs.
A sample member for IASCRYPT is provided in the CA IAS-supplied library CIASOPTN(IASCRYPT).
The following statement defines the encryption keys:
CRYPTNAME NAME(name) KEY(0102030405060708090A0B0C0D0E0F00) TYPE(AES|AES256|NONE)
Specifies the keyword identifying the beginning of an encryption key definition.
Specifies the name that is associated with the encryption key. The name can range from 1-16-alphanumeric characters and must begin with an alphabetic character. This name is referenced in the AGENT definitions as CRYPTNAME(name).
Specifies the 32 or 64 hexadecimal characters (0-9, A-F) that form one of the following keys:
This data must match the same key that is defined on the agent side. When the data matches, the scheduling system and the agent encrypt the data with the same key.
Specifies the type of encryption used. AES and AES256 are the only valid options for almost all agents. Although the system agent can support multiple encryption types, the only supported types are AES and AES256. The default value is AES.
The only valid exception is for the CA WA Agent for HP Integrity NonStop, which does not currently support encryption. If you are using the HP Integrity NonStop agent, use a value of NONE instead.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|