Topic
4 replies Latest Post - ‏2012-10-30T17:47:27Z by CI4Now
CI4Now
CI4Now
5 Posts
ACCEPTED ANSWER

Pinned topic How to Import SSH Keys for SFTP in Studio and Appliance

‏2012-10-29T03:45:45Z |
We'd like to use the SFTP endpoint and we have the private key with password. I'd like to know how to import the keys so that I can run my orchestration. I need to know this for both Cast Iron Studio as well as the Cast Iron Appliance.
Updated on 2012-10-30T17:47:27Z at 2012-10-30T17:47:27Z by CI4Now
  • SystemAdmin
    SystemAdmin
    238 Posts
    ACCEPTED ANSWER

    Re: How to Import SSH Keys for SFTP in Studio and Appliance

    ‏2012-10-29T08:37:14Z  in response to CI4Now
    Although I haven't tested it myself yet, I would guess that you need to upload your key and cert to the CI keystore http://publib.boulder.ibm.com/infocenter/wci/v6r1m0/topic/com.ibm.websphere.cast_iron.doc/SSL_import_a_end_entity_certif.html
    Also, you may want to have a look at the Redbook http://www.redbooks.ibm.com/abstracts/sg248004.html at chapter 5.
    Regards,
    Magali
  • CI4Now
    CI4Now
    5 Posts
    ACCEPTED ANSWER

    Re: How to Import SSH Keys for SFTP in Studio and Appliance

    ‏2012-10-30T04:31:35Z  in response to CI4Now
    Thanks Magali for the response.
    I was able to create a PKCS12 certificate file and import the certificate to the keystore. But couldn't connect successfully to the SFTP server. I was able to use the ssh key and connect to the SFTP server using the PSFTP/Pageant so the key and connectivity are fine. The issue could be one of the following:
    1. The certificate is not valid/not recognized
    2. The certificate is not used by the SFTP connection/ not associated to the SFTP connection.

    How do we proceed? Is there some documentation or any log to review?

    Appreciate your help!
    • NateTheRobot
      NateTheRobot
      3 Posts
      ACCEPTED ANSWER

      Re: How to Import SSH Keys for SFTP in Studio and Appliance

      ‏2012-10-30T16:48:43Z  in response to CI4Now
      Hi, have u checked the 'Client Certificate' and specified the correct certificate alias name you wish to use on the FTP endpoint?

      A thought to realize the exact reason that you can't connect to the SFTP is to capture the packet by using Wireshark. It would tell you are rejected from the connection :-)
  • CI4Now
    CI4Now
    5 Posts
    ACCEPTED ANSWER

    Re: How to Import SSH Keys for SFTP in Studio and Appliance

    ‏2012-10-30T17:47:27Z  in response to CI4Now
    With Secue-FTP, the client certificate Check Box and Alias Name are disabled. So I am not sure how the studio run time know what certificate to use?