ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaiq_5.4.0.1/rzaiqsslforftpserver.htm

58 lines
3.7 KiB
HTML
Raw Permalink Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Enable Secure Sockets Layer for MyCo's FTP server" />
<meta name="DC.Relation" scheme="URI" content="rzaiqscenariossldetails.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzaiqsslforftpserver" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Enable Secure Sockets Layer for MyCo's FTP server</title>
</head>
<body id="rzaiqsslforftpserver"><a name="rzaiqsslforftpserver"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Enable Secure Sockets Layer for MyCo's FTP server</h1>
<div><div class="section">Now that the File Transfer Protocol (FTP) server has a certificate
assigned to it, MyCo configures the FTP server to use SSL by following these
steps:</div>
<ol><li><span>In iSeries™ Navigator,
expand <span class="menucascade"><span class="uicontrol">the iSeries server</span> &gt; <span class="uicontrol">Network</span> &gt; <span class="uicontrol">Servers</span> &gt; <span class="uicontrol">TCP/IP</span></span>.</span></li>
<li><span>Right-click <span class="uicontrol">FTP</span>.</span></li>
<li><span>Select <span class="uicontrol">Properties</span>.</span></li>
<li><span>Select the <span class="uicontrol">General</span> tab.</span></li>
<li><span>Choose the following option for SSL support: <span class="uicontrol">Secure
only</span>. Select this to allow only SSL sessions with the FTP server.
Connections can be made to the non-secure FTP port, but the FTP client must
negotiate an SSL session before the user is allowed to log in.</span></li>
</ol>
<div class="section">With this task complete, MyCo's FTP server can now use SSL to encrypt
communication sessions and protect the privacy of the data transmitted during
these sessions. However, to configure the FTP client to participate in an
SSL session with the FTP server, MyCo must provide their client, TheirCo,
with a copy of the local CA certificate. To do this, MyCo needs to export
a copy of the local CA certificate to a file and make the file available to
TheirCo. After TheirCo has this file, they can use DCM to import the Local
CA certificate into the *SYSTEM certificate store, and configure the i5/OS™ FTP client
to use SSL.</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaiqscenariossldetails.htm" title="In order to secure File Transfer Protocol (FTP) with Secure Sockets Layer (SSL), you need to configure the server.">Configuration details</a></div>
</div>
</div>
</body>
</html>