|
Public Private Keys |
Scroll |
As previously mentioned, Engines usually run on a different platform than the Data Capture Agent. The Controller Daemon on the Capture platform manages secure communication between Engines and their Capture/Publisher Agents. Therefore a Public / Private Key pair must be generated for the Engine on the platform where the Engine is run. The SQDutil program must be used to generate the necessary keys and must be run under the user-id that will be used by the Engine.
Syntax
$ sqdutil keygen
On z/OS, JCL similar to the sample member NACLKEYS included in the distribution executes the SQDutil program using the keygen command and generates the key pair.
The Public key must then be provided to the administrator of the Capture platform so that it can be added to the nacl.auth.keys file used by the Controller Daemon.
Note, there should also be a Controller Daemon on the platform running Engines to enable command and control features and the browser based Control Center. While it is critical to use unique key pairs when communicating between platforms, it is common to use the same key pair for components running together on the same platform. Consequently, the key pair used by an Engine may be the same pair used by it's Controller Daemon.
The Public / Private key files generated by the SQDUTIL utility are automatically placed in a hidden directory of the user account running the utility, except on zOS where JCL is used to specify the file names in the zOS aintained in the platform's native file system, the other three files must reside in a Linux / Unix file system.
