ActiveTransfer Server 10.11 | webMethods ActiveTransfer Documentation | Administering ActiveTransfer Server | Managing ActiveTransfer Server | Configuring the Certificate Revocation List for secure ports
 
Configuring the Certificate Revocation List for secure ports
ActiveTransfer supports the validation of Certificate Revocation List (CRL) for the secure ports such as HTTPS and FTPS.
You can configure ActiveTransfer to validate CRL for secure ports using the property mft.server.crlUrl. ActiveTransfer validates the client certificate against the CRL specified in mft.server.crlUrl to permit or block client access to secure ports. The certificate-based authentication is enforced through either the Require valid certificate or Require valid certificate and password field for FTPS (implicit or explicit) and HTTPS ports.
*To configure ActiveTransfer Server to validate CRL with secure ports
1. Browse to the Integration Server_directory \instances\instance_name\packages\WmMFT\config directory on ActiveTransfer Server.
2. Open the properties configuration file (properties.cnf).
3. Set the mft.server.crlUrl property as one of the following:
a. A file stored in an accessible directory. For example: mft.server.crlUrl=C:/MFT/CRL/mftCRL.crl.
b. A file that can be downloaded from a URL. For example: mft.server.crlUrl= http://softwareag.com/crls/mftCRL.crl
Note:
Configuration of CRL check is not mandatory. If you leave the mft.server.crlUrl property blank, then ActiveTransfer does not perform the CRL check.