|
I'm coming into this discussion late as I am the one who is actually implementing this and got the secure FTP with Wells Fargo going in production. Rob has been keeping up on this discussion and informing me. Thanks Rob! Everything was setup exactly as they specified and even the connection to port 21 as documented by them. Everything works great with the secure connection message before the logon, the logging on, and transfer of files. I was thinking that it works now in test so why wouldn't it work when they put the certs into production? Wells Fargo explained that they want to scramble the password used for logging on as the certificate does that. They said that since we are in production and logging on, they wouldn't do that yet but if we were to let the cert logon for us, they would scramble the password. Something about not allowing unsecure connections. At this point Wells Fargo is discussing with their developers how they can get these digital certs into production. I'm disappointed to see that this seems to have never been done before easily by anyone. Our VPN with JPMorgan Chase is easy to program because the tunnel is all done with hardware and no certificates that expire every year. The network guys don't think that is wonderful but at this point I just want something that will work. The network guy here said that the VPN is not an option with Wells Fargo and thought secure FTP was the way to go. So, that was what I did. FTP stands for "File Transfer Protocol" and it seems to be meant for transferring files, not browsing web pages. The FTP for the send is simply "<userid> <password>" then "put <file> <tofile>" then "quit". The receival script that is ready for production is "<userid> <password>" then "mget <file*.txt>" then "ls <file*.txt> (disk" then "<del <file*.txt>" then "quit". I have the IFS list from that "ls" and process the files in the list on our system. Okay, fine, maybe I will have to give up and resort to having them use Internet Explorer to manually get the files from the https. Does anyone have an example of doing puts, mgets, deletes and other similar things with HTTPAPI, FTPAPI, or some other utility we don't have to pay for? I did install HTTPAPI on our development system and I don't see an example that fits. Any ideas? Craig Strong **Scott wrote: - get IBM's ftp client to use "client certificates" IBM doesn't officially support client certificates with their FTP client. You can set one, but you can't change it on a per-server or per-user basis. So once you've set a client certificate for the FTP client, it's used for all secure FTP sessions to all servers and by all users! - figure out if I want to use ftp api to do my own ftp client and figure out how to support "client certificates" there I've heard people say (on several occasions) that they were going to contribute SSL support to FTPAPI, but as of yet, nobody has. I'd add it myself, but I haven't had a business need for it, and I have a lot of "real" work to do :) - use the httpapi as others are doing. By contrast, HTTPAPI does fully support SSL, and you can configure as many different Digital Certificate Manager profiles as you like, each one with it's own client certificate.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
