BlueZone Security ServerEnabling SSL on z/OSSSL for FTP using client certificate *

SSL for FTP using client certificate *

  1. Create an HFS KEYRING file. Refer to Creating HFS KEYRING files for more information.
  2. Create a self-signed certificate if a trusted CA is not available. Refer to Creating self-signed certificates for more information.
  3. Create a server certificate. Refer to Creating server certificates for more information.
  4. Create a client certificate. Refer to Creating client certificates for more information.
  5. Modify the FTP configuration dataset, for example, TCPIP.FTP.DATA, and add the following:
    1. EXTENSIONS AUTH_TLS
    2. SECURE_LOGIN VERIFY_USER
    3. TLSTIMEOUT 500
    4. KEYRING /ssl/key.kdb
    5. SECURE_CTRLCONN PRIVATE
    6. SECURE_DATACONN PRIVATE
    7. SECURE_FTP REQUIRED
    8. TLSPORT 0
Note: This configuration has not been attempted *
Parent topic: Enabling SSL on z/OS