Use Secure Sockets Layer to secure the File Transfer Protocol server

With Secure Sockets Layer (SSL) you can eliminate the exposure of transmitting passwords and data in the clear when using the i5/OS™ File Transfer Protocol (FTP) server with an FTP client that also uses SSL.

The FTP server provides enhanced security while sending and receiving files over a untrusted network. FTP server uses SSL to secure passwords and other sensitive data during an information exchange. The FTP server supports either SSL or TLS protected sessions, including client authentication and automatic sign-on.

Most SSL-enabled applications connect a client to separate TCP ports, one port for "unprotected" sessions and the other for secure sessions. However, secure FTP is a bit more flexible. A client can connect to a non-encrypted TCP port (typically TCP port 21), and then negotiate authentication and encryption options. A client can also choose a secure FTP port (typically TCP port 990), where connections are assumed to be SSL. The iSeries™ FTP server provides for both of these options.

Before you can configure the FTP server to use SSL, you must have installed the prerequisite programs and set up digital certificates on your iSeries.

Note: Create a local Certificate Authority or use DCM to configure the FTP server to use a public certificate for SSL.
Related concepts
Secure Sockets Layer (SSL)
SSL concepts
Prerequisite programs
Secure the FTP client with Transport Layer Security or Secure Socket Layer
Related tasks
Set up digital certificates
Use a public certificate