Enabling Secure Sockets Layer for MyCo's FTP server

 

Now that the File Transfer Protocol (FTP) server has a certificate assigned to it, MyCo needs to configure the FTP server to use Secure Sockets Layer (SSL). To use iSeries™ Navigator to configure the FTP server, follow these steps:

  1. In iSeries Navigator, expand your system > Network > Servers > TCP/IP.

  2. Right-click FTP.

  3. Select Properties.

  4. Select the General tab.

  5. Choose the following option for SSL support: Secure only. Select this to allow only SSL sessions with the FTP server. Connections can be made to the non-secure FTP port, but the FTP client must negotiate an SSL session before the user is allowed to log in.
With this task complete, MyCo's FTP server can now use SSL to encrypt communication sessions and protect the privacy of the data transmitted during these sessions. However, to configure the FTP client to participate in an SSL session with the FTP server, MyCo must provide their client, TheirCo, with a copy of the local CA certificate. To do this, MyCo needs to export a copy of the local CA certificate to a file and make the file available to TheirCo. After TheirCo has this file, they can use DCM to import the Local CA certificate into the *SYSTEM certificate store, and configure the i5/OS® FTP client to use SSL.

 

Parent topic:

Configuration details