Creating or Editing an FTP endpoint
FTP endpoints provide the connection information that Studio and the Integration Appliance use to connect to FTP Servers.
- In the Create Endpoint or Edit
Endpoint pane, configure the fields as described in the
following table. Note: Changing the configuration properties of an endpoint affects all orchestrations that use that endpoint in the project as the edits are global, not local.
- When you had entered the field values, click Test Connection to confirm that you can connect to the FTP Server.
- Click OK.
- Field Name
- Description
- Location
- Host Name
- Specifies the Host Name or IP address for the FTP Server.
- Port
- Specifies the port number for the specified host name. The default is 21, the standard port for FTP traffic. The default port for SFTP traffic is 22.
- Login
- Log into the Server as an Anonymous User
- This option is only available with the Normal FTP option. Select this option only if the FTP Server allows anonymous logins (where a user account is not required).
- Log into the Server with User Name and Password
- Select this option to specify a user account to log in into the FTP Server. Enter the user name and password for the account used to connect to the FTP Server.
- Security
- Normal FTP
- Select the Normal FTP option for an unsecured connection.
- Secure FTP
- Select the Secure FTP option
to secure the communication between the Integration Appliance and
the FTP Server by sending and receiving the data over SSH. The SSH
File Transfer Protocol (SFTP) is a network protocol that provides
file transfer over a reliable data stream. Notes:
- Certificate authentication for SFTP is not supported.
- Session caching for SFTP protocol [Secure FTP] in the FTP connector is enabled by default. If you need to disable session caching, then the system property disableSessionCachingForSFTP needs to be set to true. This needs the fix available in App Connect Professional version 7.5.2.0[7.5.2.0-WS-ACP-20180220-0712_H8_64-CUMUIFIX-007] onwards.
Depending on your platform, disableSessionCachingForSFTP can be set to true in the following ways:
- Secure connector:
If the FTP endpoint for SFTP protocol uses the secure connector, then you need to set disableSessionCachingForSFTP as follows:
- Stop and undeploy the projects in live/appliance that use secure connector in question.
- Stop the running secure connector now
- Open runclient_osgi.bat for windows or runclient_osgi.bat.sh for linux found under secure connector installation path.
- Add -DdisableSessionCachingForSFTP=true \ under FLAGS category as shown below:
'FLAGS="-Dcom.sun.management.jmxremote \ -DdisableSessionCachingForSFTP=true \ -Dcom.approuter.management.jmxremote.connectorserver.port=31999 \ -Djava.awt.headless=true \ -Djmx.remote.protocol.provider. … "
- Start the secure connector, and then start projects that were using this secure connector.
- Appliance:
Please contact your IBM App Connect Professional support personal to add and set the flag disableSessionCachingForSFTP=true, which needs to be set and restarted in start up scripts.
- Secure connector:
- FTPS
- Select the FTPS option
to secure the communication between the Integration Appliance and
the FTP Server using the SSL protocol. The SSL protocol supports mutual
authentication between the Integration Appliance and FTP Server using
an authenticated and encrypted connection. Choose one of the following
authentication modes:
- Implicit
- Explicit (SSL) - Starts an FTP session and uses SSL security to authenticate an endpoint and encrypts data before transfer.
- Explicit (TLS) - Starts an FTP session and uses TLS security to authenticate the endpoint and encrypts data before transfer.
Important: Before you can deploy a project using FTPS, you must upload and register a certificate on the Integration Appliance. For more information about uploading and registering a certificate, see the CLI Command Reference. - Client Certificate Alias Name
- When the FTPS server is configured to authenticate a client, select this
option and specify a client certificate alias name. By default, when you select the Client
Certificate Alias Name option, Studio provides the following name: Factory Supplied
Identity
The client certificate alias name that you specify in this field should match the value you specified for the client certificate name using the App Connect command line interface (CLI), when you uploaded or imported the certificate. In the CLI, if you mapped the client certificate name to the default alias name, accept the default name that Studio provides and configure the Connection Timeout for the endpoint.
- FTP Mode
- If your FTP Server supports
Active mode transfers, you can configure an FTP endpoint in Studio
to use the Active mode to transfer data to and from an FTP Server
and the Integration Appliance. By default, FTP endpoints support passive
mode transfers. Note: Active mode is not supported for SFTP.
- Active FTP
- Select this option to enable the Active mode. When you enable the Active mode option, you can specify the external IP and port range for incoming connections. By default, this option is not selected and the FTP endpoint supports passive mode transfers.
- External IP
- (Optional) Specifies the client IP address from which the FTP Server will respond to connection attempts.
- Port Range/Start Port
- (Optional) Specifies the lowest port number
of the predetermined range assigned to incoming connections. If you
enter a start port number, you must also enter the end port number. Important: This number cannot be less than 1024.
- Port Range/End Port
- (Optional) Specifies the highest port number
of the predetermined range assigned to incoming connections. If you
enter an end port number, you must also enter the start port number.Important: This number cannot be greater than 65535.
- Connection Timeout
- Time out after ___ second(s) when establishing a connection to the Endpoint.
- The number of seconds before a timeout occurs
between the Integration Appliance attempting to establish a connection
to the endpoint and the time it takes for the endpoint to respond
to the connection request. For an FTP activity, the amount of time
the Integration Appliance attempts to establish a connection to the
FTP Server before timing out. A connection timeout is different from
an activity timeout because an activity timeout occurs after the connection
to the endpoint has already been established. An activity timeout
specifies the amount of time in seconds before a timeout occurs between
the activity invoking a request on an endpoint and the time it takes
the endpoint to respond. You set the activity timeout in Retry task
of the following FTP activities:
- FTP Poll Directory activity
- FTP Put File activity
- FTP Get File activity
- FTP Delete File activity
- FTP List Files activity
- FTP Rename File activity
