Welcome Guest! Log in
Stambia versions 2.x, 3.x, S17, S18, S19 and S20 are reaching End of Support January, 15th, 2024. Please consider upgrading to the supported Semarchy xDI versions. See Global Policy Support and the Semarchy Documentation.

The Stambia User Community is moving to Semarchy! All the applicable resources have already been moved or are currently being moved to their new location. Read more…


Some FTPS servers require a Certificate for connecting. This article provides information on how to implement this.

The idea is to:
- install the Certificate in the Runtime's Java Store - Java needs to know the certificate.
- configure the FTP action for using this certificate.

Installing the Certificate

This example concerns a ".cer" certificate file, containing data enclosed between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.

We are going to install this certificate file, using the java "keytool" binary tool. Click on this link for more information on keytool.

This has to be done on the Java JVM which is used by the Runtime. Once the certificate is installed, make sure to restart the Runtime.

Example (Windows command line):

> keytool.exe -import -alias alias01 -file D:\data\fichier.cer -keystore d:\data\myKeyStore.jks
Enter new keyfile password :
Re-enter new password :
Owner : C=FR
Issuer : C=FR
Serial Number : 0
Valid from: Thu Sep 25 18:01:13 PDT 1997 until: Wed Dec 24 17:01:13 PDT 1997
Certificate Fingerprints:
         MD5:  C0:5B:B9:6F:63:1B:5E:70:4C:E3:A1:C6:0F:2B:58:68
         SHA1 : F8:44:F1:BC:9B:19:8A:FA:8A:58:D4:7C:AC:D3:16:B8:92:79:66:78
         SHA256 : F2:9D:89:02:55:4C:F5:77:E5:13:C7:5F:06:CF:0B:2C:F1:C6:04:4B:D5:1F:E4:E6:FD:9B:98:A1:F0:A3:F4:C7
Trust this certificate? [no] :  yes
Certificate added to keystore
 

This will create the d:\data\myKeyStore.jks file, which contains the certificate. You will be able to add more certificates to this .jks file, using keytool again.

Configuring the FTP action

We need to tell the FTP action that it should use the KEY_STORE we just created.

This is done by adding the following properties to the FTP Action:

  • KEY_STORE: d:\data\myKeyStore.jks
  • KEY_STORE_TYPE: JKS
  • KEY_STORE_PASSWORD: <encrypted password>

Note: the password can be encrypted using the Runtime's encrypt <password> command.

Articles

Suggest a new Article!