Now that the File Transfer Protocol (FTP) server has a certificate
assigned to it, MyCo configures the FTP server to use SSL by following these
steps:
- In iSeries™ Navigator,
expand .
- Right-click FTP.
- Select Properties.
- Select the General tab.
- Choose the following option for SSL support: Secure
only. Select this to allow only SSL sessions with the FTP server.
Connections can be made to the non-secure FTP port, but the FTP client must
negotiate an SSL session before the user is allowed to log in.
With this task complete, MyCo's FTP server can now use SSL to encrypt
communication sessions and protect the privacy of the data transmitted during
these sessions. However, to configure the FTP client to participate in an
SSL session with the FTP server, MyCo must provide their client, TheirCo,
with a copy of the local CA certificate. To do this, MyCo needs to export
a copy of the local CA certificate to a file and make the file available to
TheirCo. After TheirCo has this file, they can use DCM to import the Local
CA certificate into the *SYSTEM certificate store, and configure the i5/OS™ FTP client
to use SSL.