To configure advanced settingsTo configure advanced settings
For a listener using FTP or FTPS protocol:Field | Description |
Bindings | |
Name | Type a unique name for the listener. |
Host | Type a host name or IP address. |
Port | Type a unique port number. Note: Make sure that the port you specify is not used by any application, including the default ports used for ActiveTransfer Server and ActiveTransfer Gateway (2080 and 8500, respectively). |
Share this information with the user through email | Select this option if you want to send an email alert to the user of this listener information such as, listener name, host, port, protocol, creation of a new user account, modification to the credentials or server connection details for a user, or permissions granted to folders. |
Access | |
Passive port range | Type the From and To range of port numbers that can be used for passive port connections. |
Passive IP address | Do one of the following: If you want ActiveTransfer Server to automatically assign the IP address or host name of the server based on the listener configuration, type Auto. Ensure that you specify the IP address or host name while creating data connections in passive mode.If you want to want to provide a specific IP address manually, type the IP address to use for the passive IP address. |
Welcome message | Type a short message. |
Router/Firewall aware | Select this option if the incoming client connections are routed through a router or firewall, that is FTP-aware. FTP-aware routers and firewalls inspect the FTP command and response, and might modify the response. It is possible that a client cannot connect to ActiveTransfer Server or transfer files even when a listener is active. This happens when either a firewall exists between the client and the server or the virtual private network the client uses has altered the IP address given to ActiveTransfer Server. Note: Check your firewall configuration before selecting this option. |
SSL options | |
Activate | Select this option to activate SSL encryption. |
Keystore location | Type the path or browse to the location of the keystore file. ActiveTransfer Server loads the truststore file from the keystore file path, Keystore-File-Path_trust. For example, C://keystore/key for Windows and /usr/keystore/key for UNIX. Note: This keystore file overrides any global SSL encryption settings that apply to all listeners on the server. |
Keystore password | Type the keystore password. |
Private key password | Type the private key password. |
Require valid client certificate | Select this option if you want to allow connections for clients with a valid client certificate key password. Note: When this option is selected, ActiveTransfer Server expects the clients requesting a server connection to present a valid certificate. The certificate should match one of the certificates stored in the truststore. To store valid certificates, you must create a truststore file in the same location as the keystore file named keystoreName_trust. For example, if the keystore file name is server_ks.jks, the truststore file name should be server_ks.jks_trust. You should add the valid client certificates to this truststore. |
Encryption | |
Explicit SSL | Select this option to enable support for explicit SSL for use in encryption mode (FTPES). Select the Require encryption option to force the client to use the data transfer encryption mode while connecting to an FTP server. In this mode, the client cannot switch off the channel encryption. |
Implicit SSL | Select this option to enable support for implicit SSL for use in encryption mode (FTPS). SSL is used on all the clients in each session. |
Protocols | Select one or more of the following supported protocols for explicit SSL or implicit SSL encryption modes: TLSv1.2TLSv1.1TLSv1.0SSLv3Note: In JDK 8u31, JDK 7u75, JDK 6u91, and later version, SSLv3 is disabled by default. To use SSLv3, you must manually enable SSLv3 in JVM. |
Priority options | |
Command delay interval (in MS) | Type the command delay interval in milliseconds to add a pause between each command in order to slow down clients that continually access the server. |
For a listener using SFTP or SFTPS protocol:Field | Description |
SSH: Server host keys | |
RSA | Select Active to enable RSA, and type the file name or browse to the location of the file containing the key for the RSA algorithm. |
DSA | Select Active to enable DSA, and type the file name or browse to the location of the file containing the key for the DSA algorithm. |
SSH: Authentication | |
Require password authentication | Select this option if you want to make password authentication mandatory for a user. |
Require public key authentication | Select this option if you require a certificate or public key when a secure connection is established with a partner. Whether password-based authentication is mandatory or not, authentication of a connection established with a partner is done with the public key. |
SSH: Supported ciphers | Select the required ciphers from the list. |
SSH: Supported MAC | Select the supported keyed-hash message authentication codes (HMACs) for verification of data integrity from the list. |
SSH: Connection settings | |
Use asynchrorous threading | Select this option if you want to use asynchronous threading to enable multiple file transfers to run concurrently. |
Idle timeout (sec) | Type a timeout value in seconds for disconnecting an idle connection. |
Priority options | |
Command delay interval (ms) | Type a command delay interval in milliseconds to add a pause between each command in order to slow down clients that continually access the server. |
For a listener using HTTP or HTTPS protocol:Field | Description |
SSL options | |
Keystore location | Type or browse the path to the keystore file. ActiveTransfer Server loads the truststore file from the keystore file path, <Keystore-File-Path>_trust. For example, C://keystore/key for Windows and /usr/keystore/key for UNIX. Note: This keystore file overrides any global SSL encryption settings that apply to all listeners on the server. |
Keystore password | Type the keystore password. |
Private key password | Type the private key password. |
Require valid client certificate | Select this option if you want to allow connections for clients with a valid client certificate key password. Note: When this option is selected, ActiveTransfer Server expects the clients requesting a server connection to present a valid certificate. The certificate should match one of the certificates stored in the truststore. To store valid certificates, you must create a truststore file in the same location as the keystore file named keystoreName_trust. For example, if the keystore file name is server_ks.jks, the truststore file name should be server_ks.jks_trust. You should add the valid client certificates to this truststore. |
Protocols | Select one or more of the following supported protocols for explicit SSL or implicit SSL encryption modes: TLSv1.2TLSv1.1TLSv1.0SSLv3Note: In JDK 8u31, JDK 7u75, JDK 6u91, and later version, SSLv3 is disabled by default. To use SSLv3, you must manually enable SSLv3 in JVM. |
Priority options | |
Command delay interval (ms) | Type a command delay interval in milliseconds to add a pause between each command in order to slow down clients that continually access the server. |