Configuring a protocol bridge for an FTPS server

Configure an FTPS server in a similar way as you configure an FTP server: create a bridge agent for the server, define the server properties, and map user credentials.

About this task

To configure an FTPS server, complete the following steps:

Procedure

  1. Create a protocol bridge agent for the FTPS server using the fteCreateBridgeAgent command. The parameters that are applicable to FTP are also applicable to FTPS but there are also three required parameters specific to FTPS:
    1. The -bt parameter. Specify FTPS as the value of this parameter.
    2. The -bts parameter for the truststore file and the -btsp parameter for the truststore password. The command assumes that only server authentication is required and you must specify the location of the truststore file and the password.

    The explicit form of the FTPS protocol is configured by the fteCreateBridgeAgent command by default but you can configure the implicit form by changing the protocol bridge properties file. The protocol bridge always connects to FTPS servers in passive mode.

    For more information about the fteCreateBridgeAgent command, see fteCreateBridgeAgent (create and configure WebSphere MQ File Transfer Edition protocol bridge agent).

  2. Define the FTPS server properties within an <ftpsServer> element in the protocol bridge properties file: ProtocolBridgeProperties.xml. For more information, see Defining properties for protocol file servers using the ProtocolBridgeProperties.xml file. You can also enable client authentication by editing the protocol bridge properties file. For details of all the configuration options, see Protocol bridge properties file format.
  3. Map user credentials in WebSphere MQ File Transfer Edition to user credentials on the FTPS server either by using the default credential mapping function of the protocol bridge agent or by writing your own user exit. For more information, see Mapping credentials for a file server.
  4. By default, the truststore file is configured as having the JKS format; if you want to change the format, edit the protocol bridge properties file.

Example

An example entry for an FTPS server in the protocol bridge properties file is shown below:
<tns:serverProperties xmlns:tns="http://wmqfte.ibm.com/ProtocolBridgeProperties"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://wmqfte.ibm.com/ProtocolBridgeProperties
       ProtocolBridgeProperties.xsd">
    <tns:defaultServer name="ftpsserver.mycompany.com" />

    <tns:ftpsServer name="ftpsserver.mycompany.com" host="ftpsserver.mycompany.com" port="990" platform="Windows" 
       timeZone="Europe/London" locale="en_US" fileEncoding="UTF8"
       listFormat="unix" limitedWrite="false" 
       trustStore="c:\mydirec\truststore.jks" trustStorePassword="password"  />

    <!-- Define servers here -->
</tns:serverProperties>

What to do next

For information about the parts of the FTPS protocol that are supported and which are not supported, see FTPS server support by the protocol bridge.


Task Task

Feedback

Timestamp icon Last updated: Tuesday, 30 January 2018
http://www.ibm.com/support/knowledgecenter/SSEP7X_7.0.4/com.ibm.wmqfte.doc/protocol_bridge_config_ftps.htm