Create a Server Definition for Incoming and Outgoing OFTP2 Requests
For all protocols except AS2 and OFTP2, server definitions are only used for outgoing requests. For OFTP2, however, server definitions are used for incoming and outgoing OFTP2 requests.
Incoming Requests
-
The transfer partner initiates a connection request to MFT and specifies its Odette ID.
-
MFT searches the server definitions for a matching Partner Odette ID.
-
When it finds the matching Odette Partner ID, it gets the user ID from the server definition.
-
MFT then searches for transfer definitions for the user ID defined in the server definition.
-
MFT checks if the OFTP2 virtual file is a match on the Virtual Alias.
-
The Transfer Definition points to a target Server such as SFTP or Platform Server. This is the server where the incoming OFTP2 data is saved.
Outgoing Requests
-
A client (SFTP, Platform Server, HTTPS) logs in and initiates a transfer request to MFT.
-
The client specifies a remote file name whose first parameter is the Virtual Alias.
-
MFT Searches the transfer definitions for that user for and upload definition with a match on the Virtual Alias
-
The transfer definition selected points to an OFTP2 Server definition
-
The data received from the transfer client is send to the OFTP2 server.
Creating an OFTP2 Server Definition
To create an OFTP2 server definition, complete the following steps.
- Procedure
- Go to Partners > Servers > Add Server.
The Add Server page is displayed.
- Enter the required server information described in the table below:
Information Instruction Server Name Enter a unique server name. IP Address IP name or IP address provided by the OFTP2 transfer partner. IP Port Enter the port the OFTP2 transfer partner is listening on. Server Type Set to OFTP2. Server Type Set to UNIX.
Server Credentials
Server credentials are not used for OFTP2 transfers.
OFTP2 Options: General Information
The following table lists the options under General Information.
| Option | Instruction |
|---|---|
| Local Odette ID | Enter the Odette ID for your system. |
| Local Password |
The password sent to the OFTP2 partner. It is up to the partner whether this password is authenticated. Not all OFTP2 software validates the password. |
| Partner Odette ID | Enter the Odette ID for your OFTP2 transfer partner. The transfer partner must provide this information. |
| Partner Password | The password sent by the OFTP2 partner. MFT validates this password for incoming and outgoing requests. |
| UserId for incoming requests | Select the user that you created in the prior step. This user is used for incoming OFTP2 requests. |
OFTP2 Options: Outgoing Parameters
Outgoing parameters are used when MFT initiates an OFTP2 transfer to a target OFTP2 server.
| Option | Instruction |
|---|---|
| Use TLS | Defines whether TLS is used for outgoing connections. Using TLS is the most secure way of performing OFTP2 transfers. We strongly suggest using TLS for all OFTP2 transfers. |
| Session Authentication | Defines whether the MFT OFTP2 client requests session authentication. |
OFTP2 Options: Incoming Parameters
Incoming Parameters are used when OFTP2 client initiates a transfer to the MFT OFTP2 server.
| Option | Instruction |
|---|---|
| Require Session Authentication | Defines whether Session Authentication is required. If set to "Yes", the OFTP2 client must request Session Authentication. |
OFTP2 Options: Sending Files
Sending File parameters are used when MFT sends a file to a target OFTP2 server.
| Option | Instruction |
|---|---|
| Sign Files |
Defines whether files are signed by the OFTP2 Signing System Key. Files are signed with the MFT OFTP2 Signing System Key. Anyone with the MFT OFTP2 Signing Public Key can validate the signature. |
| Encrypt Files |
Defines whether files are encrypted by the OFTP2 Encryption System Key. If TLS is not enabled, you must set this to OFTP2 data is encrypted using the OFTP2 partner's public encryption key so that only a partner with the OFTP2 system key can decrypt the data. |
| Request EERP | Defines whether an EERP is required. |
| Compress Files |
Defines whether data is compressed. MFT uses the ZLIB compression algorithm to compress data. |
OFTP2 Options: Receiving Files
Receiving File parameters are used when an OFTP2 client sends a file to the MFT OFTP2 server.
| Option | Instruction |
|---|---|
| Require Sign Files |
Defines whether incoming files must be signed. |
| Require Encrypted | Defines whether incoming files must be encrypted. While encryption can be done by the TLS protocol, this parameter defines whether OFTP2 encryption is required. As discussed before, if you are using TLS, you do not need to define OFTP2 encryption. To ensure that TLS is used, we recommend only defining the TLS Port and not defining the clear text IP port for the OFTP2 transfer server. This is discussed in the section Configure the MFT OFTP2 Transfer Server. |
| EERP Receipt Delivery | Currently, only Sync EERP is supported. |
OFTP2 Options: System Keys
System Keys are used for various OFTP2 functions. Not that you can use the same OFTP2 system key for multiple functions. System keys are only required when the corresponding OFTP2 function is enabled. For example, if you are using TLS and do not enable encryption, you do not need to define the encryption system key.
| Option | Instruction |
|---|---|
| TLS System Key |
Defines the MFT System Key used for TLS. |
| Authentication System Key | Defines the MFT system key used for OFTP2 session authentication. |
| Encryption System Key |
Defines the MFT system key used for OFTP2 encryption. |
| Signing System Key |
Defines the MFT system key used for OFTP2 signing. |
| EERP System Key |
Defines the MFT system key used for OFTP2 EERP. |
The public key for these system keys should be sent to the OFTP2 transfer partner. See the section titled "Create OFTP2 System Keys" for information on viewing the public keys associated with system keys.
OFTP2 Options: Partner Public Certificates
Partner public certificates are provided by the OFTP2 transfer partner. They are associated with the OFTP2 system keys defined by the transfer partner. Partner public certificates are used for various OFTP2 functions and are only required when the corresponding OFTP2 function is enabled. For example, if you are using TLS and do not enable encryption, you do not need to define the Encryption Public Certificate.
| Option | Instruction |
|---|---|
| TLS Public Certificate |
Defines the Partner Public Certificate used for TLS. |
| Authentication Public Certificate | Defines the Partner Public Certificate used for OFTP2 session authentication. |
| Encryption Public Certificate |
Defines the Partner Public Certificate used for OFTP2 encryption. |
| Signing Public Certificate |
Defines the Partner Public Certificate used for OFTP2 signing. |
| EERP Public Certificate |
Defines the Partner Public Certificate used for OFTP2 EERP. |