IBM Support

Enabling SSL in OdetteFTP configuration of SBI/B2Bi is made simple

Technical Blog Post


Abstract

Enabling SSL in OdetteFTP configuration of SBI/B2Bi is made simple

Body

Sterling B2B Integrator (SBI) documentation has well documented Odette File Transfer Protocol (OFTP) configuration to achieve OFTP communication with SBI product. Still there have been user requests seeking help on how to enable SSL in existing OFTP configuration. In this blog, I provide steps that help to enable SSL in existing OFTP configuration.

OFTP versions 1.2/1.3/1.4 don't support SSL. SSL support is added in OFTP 2.0. It is popularly known as OFTP2. SBI OFTP2 implementation is as per RFC5024

OFTP2 Configuration for SSL in SB2Bi

It is 2-step simple process.

  1. Ensure OFTP Physical Partner Contract (PPC) is configured 2.0 as "Odette FTP API Level".

image

  1. Let us consider 2 scenarios where SBI used for OFTP outbound vs OFTP inbound.

    1. OFTP Outbound SSL certificate configuration is managed through Local OFTP Physical Partner (PP) configuration.

    2. OFTP Inbound SSL certificate configuration is managed through OdetteFTP adapter.

2.a OFTP Outbound (SBI as Sender)

Enable "SSL Enabled" check-box on OFTP PP configuration and associate Public key received from Receiver/Partner.

Note - These changes are required in LOCAL Physical Partner ONLY. No changes needed for REMOTE Physical Partner

image

image



This configuration represents 1-way SSL. i.e., ONLY receiver is forcing SSL.

Note - If you like to turn sender SSL ON to make it 2-way SSL, assign "SSL Private Key" owned by you and share corresponding public key with partner.

2.b OFTP Inbound (SBI as Receiver)

Edit OdetteFTP adapter to change "Communication Mode" from "non Secure IP" to "Secure IP". It allows us to configure SSL certificate(s).

Assign your Private Key as "System Certificate"

Note - Current configuration is just limited to receiver SSL ON.

image

\If Sender/Partner is insisting for SSL to make it 2-way SSL, you would have received corresponding Public Key from partner. So add it in CA certificate under OdetteFTP adapter.

That's all it is............!! After this, your SBI OFTP2 communication would happen over SSL.

You may post your questions or comments below.

SBI OFTP Documentation - http://www-01.ibm.com/support/knowledgecenter/SS3JSW_5.2.0/com.ibm.help.odette_ftp_partner_profile.doc/SI_ManagingOFTP.html?lang=en

I had presented complete walk-through of File Transfers using Odette FTP2.0 over SSL in IBM Sterling B2B Integrator during "Connect with Experts" live session in May'2014.

To download the presentation or recorded audio of that session, please use url : http://www-01.ibm.com/support/docview.wss?uid=swg27041976

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

UID

ibm11121667

Page Feedback