ActiveTransfer Server 10.7 | webMethods ActiveTransfer Documentation | Administering ActiveTransfer Server | Managing ActiveTransfer Server | Managing ActiveTransfer Ports | Specifying a Keystore File for a Port
 
Specifying a Keystore File for a Port
Use this procedure to specify a keystore file for a port that uses the FTP, FTPS, HTTP, or HTTPS protocol. This keystore file overrides any global SSL encryption settings that apply to all ports on the server. For information about specifying global SSL encryption settings, see Specifying Encryption Settings.
*To specify a keystore file for a port
1. In My webMethods: Administration > Integration > Managed File Transfer > Server Management.
2. Select the server instance. For details, see Selecting the Instance to Work With.
3. On the Ports tab, select an FTP, FTPS, HTTP, or HTTPS port from the list of ports.
4. Click the Advanced tab.
Note:
The remaining steps in this procedure pertain to the SSL Options section.
5. For Keystore Location, specify the path to the keystore file.
Note:
For an ActiveTransfer Gateway, specify the path of the server on which ActiveTransfer Gateway is running.
6. In the Keystore Password box, type the keystore password.
7. In the Private Key Password box, type the private key password.
8. If you want to allow connections only for clients with a valid client certificate, select Require valid client certificate.
When this option is selected, ActiveTransfer Server expects the clients requesting a server connection to present a valid certificate. The certificate should match one of the certificates stored in the truststore.
For details on how to map client certificates to users, see User Certificate Mapping.
When establishing a connection with the server, ActiveTransfer validates only the client certificate but not the password.
Tip:
To store valid certificates:
a. Create a truststore file in the same location as the keystore file named keystoreName_trust. For example, if the keystore file name is server_ks.jks, the truststore file name should be server_ks.jks_trust.
b. Add the valid client certificates to this truststore.
9. If you want ActiveTransfer to validate both the client certificate and the password when establishing a connection with the server, select Require valid client certificate and password.
Additionally, when you select this option for an HTTPS port, ActiveTransfer clears the selection of Support Single Sign-On.
For details on the single sign-on option for HTTPS ports, see Configuring an HTTPS Port to Support Single Sign-On.
10. Click Save.