IBM Support

Enabling Secure Authentication for Odette FTP (OFTP) in Sterling B2Bi

Technical Blog Post


Abstract

Enabling Secure Authentication for Odette FTP (OFTP) in Sterling B2Bi

Body

In my previous blog, I had covered the steps for enabling SSL for Odette FTP (OFTP configuration) inside SB2Bi. Click Here for quick access.



Considering complexity of OFTP protocol itself, I realized the need for another blog where I am going to explain the configuration of "Secure Authentication in SB2B's OFTP setup. It is different from SSL that was discussed in my previous blog.

Just like SSL feature added in OFTP 2.0, Secure Authentication too added in OFTP 2.0. RFC for OFTP2 can be accessed @ RFC5024

Hence ensure "Odette FTP API Level" is set to 2.0 in Physical Partner Contract in SB2Bi.

If you are first time user configuring Odette FTP in IBM's SB2Bi product, You may refer to my presentation that covers complete walk-through of File Transfers using Odette FTP2.0 over SSL in IBM Sterling B2B Integrator during "Connect with Experts" live session in May'2014.

To download the presentation or recorded audio of that session, please Click here

SB2Bi OFTP Documentation is here

SB2Bi Odette FTP interacting with 3rd party Odette FTP software with Secure Authentication enabled :

When SB2Bi OFTP is working with different OFTP solution, here are the things needed to configured in SB2Bi to enable "Secure Authentication"

1. Configure private key as "Authorization Private Key" in *LOCAL* OFTP Physical Partner (PP).

2. Share corresponding public key(s) with partner

3. Obtain partner's public key(s) and use it in *REMOTE* PP as "Authentication Certificates"

4. Last and most important thing is to enable "Secure Authentication" check box in corresponding OFTP Physical Partner Contract (PPC).

#4 is what determines whether "Secure Authentication is enabled with particular partner.

This diagram puts together all these points.

image

SB2Bi interacting with another SB2Bi over OFTP2+Secure Authentication :



Since this covers both Inbound and outbound configurations, it would help wide range of users using SB2Bi for OFTP with "Secure Authentication" enabled. I have used self signed certificates for this demonstration.



image

Here are some screens that I captured for better explanation of this use-case between 2 SB2Bi environments.

SB2Bi -1

LOCAL PP

image

REMOTE PP

image

PPC

image

SB2Bi-2

LOCAL PP

image

REMOTE PP



image

PPC

image

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

UID

ibm11121655

Page Feedback