on 02-10-2010 9:15 AM
Hi ,
Did File Adapter with FTPS will provide the Message Level Security ?
And What is the Exact Difference Between FTPS for Control Connection and FTPS for Control and Data Connection .
What is the Significance of Use X.509 Certificate for Client Authentication check box. If we check it what will happen r if we dont what will happen ?
Thanks.
Anitha.
Hi Anitha,
if you are looking for message level security in FTP then use SSH i.e sFTP instead of FTPS....
FTP is over SSL i.e Secure Socket Layer...which will create the secure layer and transfers the data using the same...
X.509 is used for client authentication... if you want to transfer the data using particular user...for which the authentication will happen...using the certificate X.509..
HTH
Rajesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
>
> Hi Rajesh,
>
> I have to use only FTPS. Because my client is suggesting that only. Isn't possible using FTPS ?
> And Tell me The Difference Between FTPS for Control Connection and FTPS and Control and Data Connection .
> Neccesity of Public key certificate from FTP Sever?
>
> Thanks.
> Anitha.
PI supports FTPS. you can use the File adapter for the same.
The basic difference when we talk about FTPS for Control Connection* and FTPS and Control and Data Connection is that in case of FTPS and Control and Data Connection, you data is also encrypted. Else the connection is secure but the data level encryption will not be active
FTPS works with Certificates and hence the need for the same
Thanks Sabarish,
I read that Blog already.
In this blog could you please Explain
* Implict FTPs 990 (Control) and 989 (Data)
* Explicit FTPs 21 (Control) and 20 (Data)
What is Implicit mode and Explicit Mode?
And Could you please tell me
What is The Message level security?
Why File Adapter will not support that ?
Thanks.
Anitha.
check this
http://help.sap.com/saphelp_nw70/helpdata/en/43/0e16bfd7b021aee10000000a1553f6/content.htm
also i think data might not be encrypted using FTPS control and data connection but only the communication
Hi Anitha,
Check this site: http://help.globalscape.com/help/secureserver2/Explicit_versus_implicit_SS.htm
The message level security is based on WS-Security, XML Encryption and XML Signature standards. PI 7.1 implements this issue but the ERP must implement this mechanism too. It is a new standard for server comunication and the industry are implementing in this moment their product with this standard.
Regards
Ivá
Thank you Ivan,
Few more doubts, Could you please clarify These also ?
In FTPS Control and Data Connection Data Encryption will be there or not ?
What is the Significance of Use X.509 Certificate for Client Authentication check box.
When I have to check this Check Box and When I should not check ?
Thanks.
Anitha.
Hi Anitha,
If you choose FTPS Control and Data Connection Data the control dialog message and data communication will be encrypted.
If you choose Use X.509 Certificate, you will send to FTP server your credentials throught the certificate, the FTP server check if this certificate is valid or not.
You should use these options if the FTP server admin team tell you that is mandatory the use of this connection method. In my job only use FTPs control connection (Intranet) but if you use internet connection the best choice is use FTPS Control and Data Connection. This method is more secure than FTPS Control because Data are encrypted.
Best reagrds
Ivá
Hi,
Two methods works in the same way.
1.- Handshake negotiation.
2.- PI do login in FTP server (Basic Login or X509 Certificate login).
3.- In sender way SAP PI sends a "get" command to FTP serve for retreive the file. In receiver way PI send a "put" command to FTP server to put the file in the FTP server.
The more important thing is CA certificates are installed in SAP Server into TrustedCAs keystore for SAP Server trust in the public certificate tha FTP server sends.
I wrote an article where it may be help you to undestand the handshake negotiation. Check it: http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/60ff2883-70c5-2c10-f090-a744def2ba66
Best regards
Ivá
Hi,
1.- FTPS for control connection only encrypt the control messages when the servers open the connections with the remote server.
FTPS for control and data connection encrypt data and control messages using one algorithm previously negotiated for both servers.
2.- For do login in FTP server you can use Basic Login (for instance when you use anonymous user in some FTP server) and certificate login. For do it, you must to have one certificate stored in keystore in Java Server.
Best regards
Ivá
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.