Configuring the Certificate Revocation List for secure ports

Trading Networks 10.7 | Administering and Monitoring B2B Transactions | Managing File Transfers with ActiveTransfer | Managing ActiveTransfer Server | Configuring the Certificate Revocation List for secure ports

ActiveTransfer supports the validation of Certificate Revocation List (CRL) for the secure ports such as HTTPS and FTPS.

You can configure ActiveTransfer to validate CRL for secure ports using the property mft.server.crlUrl. ActiveTransfer validates the client certificate against the CRL specified in mft.server.crlUrl to permit or block client access to secure ports. The certificate-based authentication is enforced through either the Require valid certificate or Require valid certificate and password field for FTPS (implicit or explicit) and HTTPS ports.

To configure ActiveTransfer Server to validate CRL with secure ports

1. Browse to the Integration Server_directory \instances\instance_name\packages\WmMFT\config directory on ActiveTransfer Server.

2. Open the properties configuration file (properties.cnf).

3. Set the mft.server.crlUrl property as one of the following:

a. A file stored in an accessible directory. For example: mft.server.crlUrl=C:/MFT/CRL/mftCRL.crl.

b. A file that can be downloaded from a URL. For example: mft.server.crlUrl= http://softwareag.com/crls/mftCRL.crl

Note:
Configuration of CRL check is not mandatory. If you leave the mft.server.crlUrl property blank, then ActiveTransfer does not perform the CRL check.