Odette FTP (OFTP) is a state-driven, point-to-point file transfer protocol.
- The initiator of the connection is the speaker, but speaker and listener roles can be reversed at anytime during the session.
- All four OFTP file formats are supported –Text, Unstructured, Fixed, and Variable.
- VersaLex OFTP can be used to perform EBCDIC-to-ASCII and ASCII-to-EBCDIC translations during the OFTP transfer.
- OFTP sessions can be over ISDN (Windows users only) or TCP/IP. ISDN equipment must support the Common ISDN API (CAPI) interface, version 2.0.
- Support for OFTP receipts (End-to-End Responses) is included.
- VersaLex is compatible with Odette FTP versions 1.2, 1.3, 1.4, and 2.0.
- VersaLex supports the OFTP2 specification, including secure transport over TLS, session authentication, encryption, compression, and document signing.
- VersaLex does not support forwarding OFTP messages – VersaLex must be an endpoint.
- VersaLex OFTP can receive files, both solicited via an OFTP receive action or unsolicited via the Local Listener Odette FTP service.
- VersaLex OFTP can send files only via an OFTP send action; files cannot be sent by the Local Listener Odette FTP service.
The following action commands are available on VersaLex:
Command | Purpose | Possible underlying OFTP commands | |
---|---|---|---|
Host commands | PUT | Send one or more files to the host |
SFID (Start File Identification) DATA (Data exchange buffer) EFID (End of File Identification) CD (Change Direction) RTR (Ready to Receive) EERP (End to End Response) NERP (Negative End Response) |
GET | Receive one or more files and receipts from the host |
CD (Change Direction) SFPA (Start File Positive Answer) SFNA (Start File Negative Answer) CDT (Set Credit) EFPA (End File Positive Answer) EFNA (End File Negative Answer) EERP (End to End Response) NERP (Negative End Response) |
|
Local commands | SYSTEM | Execute a local system command | - |
WAIT | Pause | - | |
SET | Sets a property | ||
CLEAR | Clears a string property | ||
LCOPY | Copy one or more local files | - | |
LDELETE | Delete one or more local files | - | |
LREPLACE | Replace bytes in one or more local files | - | |
CHECK | Check for a transfer, file, or directory (VLTrader and Harmony only) | - | |
SCRIPT | Execute a JavaScript File (VLTrader and Harmony only) | - |
OFTP Configuration
Configure an Odette FTP (OFTP) host starting with the generic OFTP pre-configured host. Only use this host if Cleo does not have a pre-configured host for the connecting trading partner. See Cloning and activating a pre-configured host.
As part of the configuration process, you must also configure your Local Listener to receive OFTP messages. See Configuring a Local Listener for OFTP and Configuring OFTP Service for detailed information about configuring your local host for OFTP.
First activate either a trading partner specific host or the generic OFTP pre-configured host.
OFTP Host
A host's parameters specify its location and how it is reached.
OFTP Host: General Tab
Use the General tab to configure three different types of connections: ISDN, TCP/IP, and Server Only
ISDN connection
ISDN equipment must already be installed and must support the Common ISDN API (CAPI) interface, version 2.0.
- OFTP ISDN Addresses
- A list of ISDN numbers the product will use to attempt to connect to the trading partner. The product will try each number until a successful connection is made. For each ISDN address, specify values for the following fields.
- ISDN Phone Number
- Your partner's ISDN phone number. If you are making an international call and are unsure of how to specify the number, www.countrycallingcodes.com can be used to determine your international dialing code and your trading partner's country code.
- ISDN Subaddress
- X.25 Network User Address
- X.25 Network User Identification
- Optional attributes that your trading partner might use.
- Default Directories
- Modify the default directories, if necessary. You can use macro variables from the drop-down lists. See Using Macro Variables for a list of the applicable macros (Default Host Directory context) and example usage. For VLTrader and Harmony, see URI File System interface overview for information about you can use a Cleo-provided or custom URI for the Inbox and/or Outbox. See Specifying default host directories for information about setting up system-level directories and custom directory macro variables.
- Inbox
- Default directory for incoming files. Enter a value directly or click … to navigate to and select a directory.
- Outbox
- Default directory for outgoing files. Enter a value directly or click … to navigate to and select a directory.
- Sentbox
- If specified, default directory for retaining sent files. Files are a copy of the original source file; any file manipulations performed as part of the send action are not reflected in the sentbox copies. Enter a value directly or click … to navigate to and select a directory.
- Receivedbox
- If specified, default directory for retaining received files. Files are a copy of the final destination file; any file manipulations performed as part of the receive action are reflected in the receivedbox copies. Enter a value directly or click … to navigate to and select a directory.
TCP/IP connection
- Server Address
- Either a fully qualified name (recommended) or an IP address.
- Port
- The OFTP port. You can specify either a specific port number or -1 to indicate the default port (3305). Note that for secure connections using TLS, the default port is 6619.
- Connection Type
- The kind of connection you want to use for this host.
- Forward Proxy
- The address of the forward proxy you want to use for this host.
- Default Directories
- Modify the default directories, if necessary. You can use macro variables from the drop-down lists. See Using Macro Variables for a list of the applicable macros (Default Host Directory context) and example usage. For VLTrader and Harmony, see URI File System interface overview for information about you can use a Cleo-provided or custom URI for the Inbox and/or Outbox. See Specifying default host directories for information about setting up system-level directories and custom directory macro variables.
- Inbox
- Default directory for incoming files. Enter a value directly or click … to navigate to and select a directory.
- Outbox
- Default directory for outgoing files. Enter a value directly or click … to navigate to and select a directory.
- Sentbox
- If specified, default directory for retaining sent files. Files are a copy of the original source file; any file manipulations performed as part of the send action are not reflected in the sentbox copies. Enter a value directly or click … to navigate to and select a directory.
- Receivedbox
- If specified, default directory for retaining received files. Files are a copy of the final destination file; any file manipulations performed as part of the receive action are reflected in the receivedbox copies. Enter a value directly or click … to navigate to and select a directory.
Server-only connection
- Default Directories
- Modify the default directories, if necessary. You can use macro variables from the drop-down lists. See Using Macro Variables for a list of the applicable macros (Default Host Directory context) and example usage. For VLTrader and Harmony, see URI File System interface overview for information about you can use a Cleo-provided or custom URI for the Inbox and/or Outbox. See Specifying default host directories for information about setting up system-level directories and custom directory macro variables.
- Inbox
- Default directory for incoming files. Enter a value directly or click … to navigate to and select a directory.
- Outbox
- Default directory for outgoing files. Enter a value directly or click … to navigate to and select a directory.
- Sentbox
- If specified, default directory for retaining sent files. Files are a copy of the original source file; any file manipulations performed as part of the send action are not reflected in the sentbox copies. Enter a value directly or click … to navigate to and select a directory.
- Receivedbox
- If specified, default directory for retaining received files. Files are a copy of the final destination file; any file manipulations performed as part of the receive action are reflected in the receivedbox copies. Enter a value directly or click … to navigate to and select a directory.
OFTP Host: OFTP Tab
- Buffer Size
- Can be between 128 and 99999 bytes.
- Buffer Credits
- This is the number of data exchange buffers that can be sent consecutively by the speaker without listener acknowledgment.
- Compress Content
- Indicates whether the OFTP data compression algorithm should be invoked. This applies to buffer-level compression. OFTP2 utilizes better compression algorithms, which can be specified on the mailbox’s V2 tab.
- Allow Restart
- Maximum Record Size
- Indicates the maximum length of any single record when transferring a file. Maximum Record Size applies to the OFTP Text, Fixed, and Variable file formats; it does not apply to the OFTP Unstructured file format. In the case of the OFTP Fixed file format, Maximum Record Size specifies the fixed record length.
- Incoming
- Optional. Only specify an Incoming filter if you need to override the default inbox/filename or if EBCDIC translation or special end-of-record processing is required.
Adding an incoming destination or parameter
Add incoming destination information when you need to override the default inbox/filename or if EBCDIC translation or when special end-of-record processing is required.
OFTP Host: V2 Tab
Starting with OFTP2, transport layer security (TLS) is an option for secure communications. When downgrading the OFTP version (see Advanced Tab below), non-secure communications are used regardless of any values you set on this page.
- Partner Is ACE-Capable
- Indicates whether the trading partner is capable of sending and receiving certificates through Automatic Certificate Exchange (ACE), and enables the ACE subtab in the OFTP Mailbox: Security tab. See OFTP Mailbox: Security Tab.
- Outbound
- The Outbound group settings are enabled for TCP/IP connections. See OFTP Host: General Tab.
- Inbound
- The Inbound group is enabled for either Server Only or TCP/IP connections.
OFTP Host: Advanced Tab
See Setting advanced host properties for information about how to use and set the properties supported in all protocols. Properties available for OFTP include:
- Add Mailbox Alias Directory to Inbox
- Appends a subdirectory at the end of the host's configured inbox directory. This allows files received through different mailboxes to be kept separate.
- Add Mailbox Alias Directory to Outbox
- Appends a subdirectory at the end of the host's configured outbox directory. This allows files to be sent through different mailboxes to be kept separate.
- Add Mailbox Alias Directory to Receivedbox
- Appends a subdirectory at the end of the host's configured receivedbox directory. This allows files that have been sent through different mailboxes to be kept separate.
- Add Mailbox Alias Directory to Sentbox
- Appends a subdirectory at the end of the host's configured sentbox directory. This allows files that have been sent through different mailboxes to be kept separate.
- Allow Actions To Run Concurrently
- Normally, actions and host actions within the same host are allowed to run concurrently. You can use this property to not allow actions and host actions to run concurrently.
Note: This is a Cleo Harmony and Cleo VLTrader option.
- Always Change Direction After Sending
- Indicates that a CD should always be sent after finished sending a set of files, giving the trading partner the opportunity to provide pending EERPs.
- Always Disconnect ISDN After End Of Session
- Disable this setting if, for incoming ISDN calls, host should wait for trading partner to issue disconnect.
- Always Include EERP Hash
- Indicates whether to include a hash (EERPHSH) value in returned EERPs even if a signature (EERPSIG) is not included. The property defaults to off, and is included for backward compatibility.
- Application Layer Receipts
-
Note: This applies only to the Cleo Harmony and Cleo VLTrader applications.
- Async EERP Resends
- Specifies the number of attempts that will be made to resend an asynchronous transaction not completed within the specified timeout period. If you specify a value of -1 (which is the default), the value specified for this parameter at the Local Listener level is used. If you change the value in this field from this default, that value overrides the one specified for the Local Listener.
- Async EERP Timeout (minutes)
- The maximum time (in minutes) that the Local Listener will wait for an asynchronous response before either resending the transaction (if AsyncResends > 0) or logging an error. If you specify a value of -1 (which is the default), the value specified for this parameter at the Local Listener level is used. If you change the value in this field from this default, that value overrides the one specified for the Local Listener.
- Command Retries
- If an error or exception occurs during a command, the number of times the command should be retried.
Note: Command Retries does not apply to exceptions related to TCP/IP or ISDN dial-up connections. This is because dial-up connections are managed by the framework so that they can be shared across actions.
- Connection Timeout
- The amount of time allowed for each read operation.
- Delete Zero Length Files
- Indicates whether files received that are zero-length (<= 5 bytes) should be deleted rather than processed.
- Do Not Send Zero Length Files
- Indicates whether zero length files to be sent to the server should be ignored rather than processed. If the
-DEL
option is being used, any zero length file ignored will also be deleted. - Downgrade OFTP Version
- Use may be necessary if the trading partner OFTP software does not on its own properly downgrade from Cleo Harmony, Cleo VLTrader, or Cleo LexiCom OFTP version 2.0.
- EBCDIC Encoding
- When translating to and from EBCDIC, indicates the specific EBCDIC character encoding.
- Email On Check Conditions Met
- Send an email notification after running a CHECK command where the overall conditions of the check are met. See Configuring email or execute based on results.
Note: This is a Cleo Harmony and Cleo VLTrader option.
- Email On Check Conditions Not Met
- Send an email notification after running a CHECK command where the overall conditions of the check are not met. See Configuring email or execute based on results.
Note: This is a Cleo Harmony and Cleo VLTrader option.
- Email On Fail
- If an error occurs during a command, email the error condition. See Configuring email or execute based on results.
- Email On Flag
- If a flagged event occurs, email the event. See Configuring email or execute based on results.
- Email On Repetitive Action Failures
- When "Email On Fail" is enabled and the same failure occurs each time an action is run for a specific host, leaving this option unchecked suppresses emailing of the same alert multiple times. If the same email alert continues to be suppressed after 24 hours, the suppressed email alert will be sent every 24 hours and after every system restart if the failure occurs again. When the failure is resolved an email alert will be sent.
Note: This feature only suppresses multiple emails if the same failure occurs multiple times in a row. Suppression is not maintained across synchronized hosts.
- Email On Repetitive Listener Failures
- When "Email On Fail" is enabled and the same failure occurs each time an inbound message is processed by the Listener for a specific host, leaving this option unchecked suppresses emailing of the same alert multiple times. If the same email alert continues to be suppressed after 24 hours, the suppressed email alert will be sent every 24 hours and after every system restart if the failure occurs again. If the failure can be associated with a specific host, an email alert will be sent when the failure is resolved. Failure resolution email alerts will not be sent for general Listener failures since it is not possible to determine that these types of failures have been resolved.
Note: This feature only suppresses multiple emails if the same failure occurs multiple times in a row. Suppression is not maintained across synchronized hosts.
- Email On Successful Copy
- Send an email notification after copying a file using LCOPY. See Configuring email or execute based on results.
- Email On Successful Receive
- Send an email notification after successfully receiving a file. See Configuring email or execute based on results.
- Email On Successful Send
- Send an email notification after successfully sending a file. See Configuring email or execute based on results.
- Execute On Check Conditions Met
- After executing a CHECK command where the overall conditions are met, run a system command. See Configuring email or execute based on results.
Note: This is a Cleo Harmony and Cleo VLTrader option.Note: Note that if multiple files contribute to the conditions being met, and one of the file macros is in the command (e.g., %file%), the system command will be executed repeatedly - once for each file.
- Execute On Check Conditions Not Met
- After executing a CHECK command where the overall conditions are not met, run a system command. See Configuring email or execute based on results.
Note: This is a Cleo Harmony and Cleo VLTrader option.
- Execute On Fail
- If an error occurs during a command, run a system command. See Configuring email or execute based on results.
- Execute On Repetitive Action Failures
-
When Execute On Fail is enabled and the same failure occurs each time an action is run for a specific host, leaving this option unchecked suppresses multiple executions of the Execute On Fail command. If suppression of execution of the command for this failure continues after 24 hours, the suppressed Execute On Fail command will be executed every 24 hours and after a system restart if the failure occurs again. When the failure is resolved, the Execute On Fail command will be executed again. Users must account for this by including the %status% macro variable for the Execute On Fail command (see Using macro variables) and then checking for a success or failure.
Note: This feature only suppresses multiple executions of the Execute On Fail command if the same failure occurs multiple times in a row. Suppression is not maintained across synchronized hosts. - Execute On Repetitive Listener Failures
-
When Execute On Fail is enabled and the same failure occurs each time an inbound message is processed by the Listener for a specific host, leaving this option unchecked suppresses multiple executions of the Execute On Fail command. If suppression of execution of the command for this failure continues after 24 hours, the suppressed Execute On Fail command will be executed every 24 hours and after every system restart if the failure occurs again. If the failure can be associated with a specific host, the Execute On Fail command will be executed again when the failure is resolved. Users must account for this by including the %status% macro variable for the Execute On Fail command (see Using macro variables) and then checking for a success or failure. Executions of the "Execute On Fail" command for resolution of general Listener failures will not be done since it is not possible to determine that these types of failures have been resolved.
Note: This feature only suppresses multiple executions of the Execute On Fail command if the same failure occurs multiple times in a row. Suppression is not maintained across synchronized hosts. - Execute On Successful Copy
- After successfully copying a file using LCOPY, run a system command. This command may be used for post-processing the file. See Configuring email or execute based on results.
- Execute On Successful Receive
- After successfully receiving a file, run a system command. This command may be used for post-processing the file. See Configuring email or execute based on results.
- Execute On Successful Send
- After successfully sending a file, run a system command. This command may be used for post-processing the file. See Configuring email or execute based on results.
- Fixed Record EOL Characters
- End-of-line characters to be inserted and/or deleted.
- Fixed Record Incoming Delete EOL
- If Fixed Record EOL Characters has been specified and Fixed Record Length is greater than 0, indicates to look for and delete EOL characters while receiving a file.
Note: When using FTP ASCII mode, standard EOL characters may already be changing if transferring between Windows and Unix platforms.
- Fixed Record Incoming Insert EOL
- If Fixed Record EOL Characters has been specified and Fixed Record Length is greater than 0, indicates to insert EOL characters while receiving a file.
Fixed Record Incoming Delete EOL and Fixed Record Incoming Insert EOL are mutually exclusive properties.
- Fixed Record Length
- The fixed record length after which end-of-line characters need to be inserted and/or deleted.
- Fixed Record Length From OFTP
- Causes EOL characters to be inserted while receiving a file based on the SFIDLRECL value.
Note: For this property to be effective, Fixed Record EOL Characters must be specified, Fixed Record Incoming Insert EOL must be enabled, and a fixed SFIDFMT format with a positive SFIDLRECL value must be requested by the OFTP trading partner.
- Fixed Record Outgoing Insert EOL
- If Fixed Record EOL Characters has been specified and Fixed Record Length is greater than 0, indicates to insert EOL characters while sending a file.
Note: When using FTP ASCII mode, standard EOL characters may already be changing if transferring between Windows and Unix platforms.
- High Priority
- Indicates whether incoming and/or outgoing transfers through the host should be treated as high priority. When both high priority and regular priority transfers are active, the high priority transfers get a larger portion of the available bandwidth. Go to
High Priority Transfers Percentage Available Bandwidth
(defaults to 75). See Other system options for more information.
to set the
- Include Failure In Subject Of Email
- When specified, the exception message will be included in the email that is generated on failure.
Note: If the exception message exceeds 256 characters, it will be truncated.
- LCOPY Archive
- If specified, contains the directory for archiving LCOPY source files.
- Log Individual LCOPY Results To Transfer Logging
- When this option is enabled, a
<send>
and<receive>
result is logged to the transfer log for each file copied.Note: This is a Cleo Harmony and Cleo VLTrader option. - Macro Date Format
- Specifies the date format to be used when the
%date%
macro is used. - Macro Time Format
- Specifies the time format to be used when the
%time%
macro is used. - Maximum Incoming Transfer Rate (kbytes/s)
- Sets the maximum incoming transfer rate in Kbytes (1024 bytes) per second for each mailbox or host. The default value of
0
does not limit the transfer rate. The Maximum Incoming Transfer Rate system setting might also limit the transfer rates. The system Maximum Incoming Transfer Rate value is used unless this setting is more restrictive. For simultaneous transfers, the number of active transfers also affects individual transfer rates. See Advanced system options. - Maximum Outgoing Transfer Rate (kbytes/s)
- Sets the maximum outgoing transfer rate in Kbytes (1024 bytes) per second for each mailbox or host. The default value of
0
does not limit the transfer rate. The system setting might also limit the transfer rates. The system Maximum Outgoing Transfer Rate value is used unless this setting is more restrictive. For simultaneous transfers, the number of active transfers will also affect individual transfer rates. See Advanced system options for more information about Maximum Outgoing Transfer Rate. - Outbox Sort
- Controls the order in which multiple files are transferred for a PUT command. If
System Default
is specified, the value set on the tab takes precedence. ForAlphabetical
ordering, the file extensions are not used to determine the sorted order unless they are needed to make the filenames unique. - Outgoing Insert EOL Between Interchanges
- If
Fixed Record Outgoing Insert EOL
is active, indicates to also insert EOL characters between EDI interchanges while sending the file. - Partner Email Address
- The email address of the trading partner for this trading relationship. When set, this address is automatically used to send your local profile information and/or certificates to your trading partner. See Emailing a profile to your trading partner.
- PGP Compression Algorithm
- Compression method used when OpenPGP packaging (with compression) is requested through the Mailbox Packaging tab. See Configuring mailbox packaging. If
System Default
is specified, the value set on the tab is in effect. - PGP Encryption Algorithm
- Encryption method used when OpenPGP packaging (with encryption) is requested through the Mailbox Packaging tab. See Configuring mailbox packaging. If
System Default
is specified, the value set on the tab takes precedence. - PGP Hash Algorithm
- Signing method used when OpenPGP packaging (with signing) is requested through the Configuring mailbox packaging. If
System Default
is specified, the value set on the tab takes precedence. - PGP Integrity Check
- When OpenPGP encrypting (see Configuring mailbox packaging), include an integrity check on encrypted data. Can be disabled for compatibility with certain OpenPGP implementation.
- PGP Signature Verification
- Indicates whether or not signed inbound PGP messages should verified when inbound OpenPGP packaging is requested through the Mailbox Packaging tab. See Configuring mailbox packaging. In general, this property should be enabled.
- PGP V3 Signature
- Processing Disconnect Timeout (seconds)
- When sending multiple large files within a put action, pre-processing (encryption, compression, signing) of files can take a while. This option will disconnect the connection if the processing time between files exceeds the timeout. The connection is re-established when file being processed is complete
- Retry Delay
- The amount of time (in seconds) before a retry should be attempted.
- Reuse SSL Sessions Across Actions
- If selected, SSL sessions from previous connections to the same destination (address and port number) may be resumed to avoid costly negotiation. If unselected, only SSL sessions used in the current action to the same destination may be resumed. When unselected, a new SSL session is created for the initial command port connection.
- SSL Allow Legacy Renegotiation
- When selected, legacy renegotiation is allowed. If this property is not selected, the extension described in RFC5746 is used for renegotiation and the server must also support this extension. See RFC5746 for a description of the extension and the vulnerability it addresses.
- SSL Cipher
- Indicates a specific cipher to be used with the server for SSL key exchange, encryption, and hashing. If not set, the list of supported ciphers is presented to the server and the server picks one.
- SSL Maximum Protocol Version
- Specifies the maximum protocol version allowed. By default, this field is blank, designating that Cleo Harmony, Cleo VLTrader, or Cleo LexiCom will select the most recent version (currently TLS 1.2).
- SSL Minimum Encryption Key Size
- Specifies the minimum encryption key size allowed when selecting an SSL cipher. To prevent use of low- or medium-strength ciphers, change from the default value of
0
to112
,128
, or256
(depending on the requirement). Note that if this value is set too high, all ciphers are filtered out causing theNo suitable cipher suites are enabled
exception to occur. - SSL Minimum Protocol Version
- Specifies the minimum protocol version allowed. SSL 3.0 is the default value for compatibility with servers that do not support the more recent TLS versions 1.0, 1.1, and 1.2.
- SSL Reject Expired Certificates
- When set, if an expired server certificate is received during SSL negotiations, the certificate will be rejected and the SSL handshake will be terminated.
- Possible values:
On
orOff
- Default value:
Off
- SSL Use Record Splitting
- Indicates whether to use 1/n-1 record splitting in CBC mode as a countermeasure against the Rizzo/Duong BEAST (Browser Exploit Against SSL/TLS) attack against the SSL 3.0 / TLS 1.0 protocol. Must be turned off if the SSL library on the other side of the connection does not support the feature.
- Store Raw Sent Message
- When this property is enabled, a copy of the outbound message is stored in the HTTP/sent directory.
- Terminate On Fail
- If an error occurs during a command, stop the action.
Note:
Regarding non-CHECK commands: When
Terminate On Fail
is on, if a command fails,Email On Fail
andExecute On Fail
, if set, are processed, and then the action stops. WhenTerminate On Fail
is off, if a command fails,Email On Fail
andExecute On Fail
, if set, are processed, and the action continues.Regarding CHECK commands:
Terminate On Fail
is only honored if theConditionsMet
parameter is set and the result of the CHECK is classified asError
. The CHECK command is only available in the Cleo Harmony and Cleo VLTrader applications. - Unzip Use Path
- Indicates whether or not zip entry paths should be used for LCOPY -UNZIP operations. When enabled, the entry's path is added to the destination path, unless the entry contains an absolute path. In this case, the absolute path is used in place of the destination path.
- Validate String Characters For Inbound Message Fields
- Validates that the incoming values for SSID and SFID string fields only contain characters from the following set:
- Numbers: 0-9
- Upper Case Letters: A-Zoftp
- Special Characters: / - . & ( )
- Possible values:
On
orOff
- Default value:
Off
- Verify Calling Party ISDN Address
- When receive an incoming call for this ISDN host, indicates whether the call's source phone number must be one of the configured outgoing phone numbers.
- Wait For Disconnect After Sending End Of Session
- Indicates that if the Cleo Harmony, Cleo VLTrader, or Cleo LexiCom application initiates end-of-session, it should wait for a disconnect request from the connected trading partner rather than immediately disconnecting.
- Wait For Execute On
- Indicates whether execution should wait for processing to complete within an Execute On Fail, Execute On Successful Copy,Execute On Successful Receive, or Execute On Successful Send command. Note that this option does not apply to native AS400 execution.
- XML Encryption Algorithm
- The method used to encrypt/decrypt files when XML Encryption packaging is requested through the Mailbox Packaging tab. See Configuring mailbox packaging . If
System Default
is specified, the value set on the tab takes precedence. - Zip Comment
- Specifies the comment to be added to the zip archive file in LCOPY -ZIP operations.
- Zip Compression Level
- Controls the level of compression for LCOPY -ZIP operations. If
System Default
is specified, the value set on the takes precedence - Zip Subdirectories Into Individual Zip Files
- Indicates whether or not subdirectories should be bundled for LCOPY –ZIP –REC operations. When enabled, each first-level subdirectory (and all of its descendents) will be bundled together into an individual zip file. The name of this zip file may optionally reflect the subdirectory name if an asterisk (
*
) is placed in the destination path. Any files that are directly off the source root directory will not be copied.
OFTP Mailbox
A mailbox's parameters allow access to the host system.
Create a new mailbox under the host.
OFTP Mailbox: OFTP Tab
- User ID (SSIDCODE)
- Password (SSIDPASWD)
- Credentials that identify your trading partner.
- Outgoing
-
- Default Virtual Filename (SFIDDSN)
- Optionally, enter an outgoing Default Virtual Filename. An action's PUT command destination, if specified, will override this value. If a PUT command does not specify a destination and a Default Virtual Filename is also not specified, then the source filename is used.
- Originator
- A user ID identifying the sender. Select the check box and provide a value to override the default. You can also use the SET command in an action to override these values.
- Destination
- A user ID identifying the receiver. Select the check box and provide a value to override the default. You can also use the SET command in an action to override these values.
- Send files when partner initiates connection
- Enables the Send Action field.
- Send Action
- The action to be run whenever a trading partner-initiated connection makes the Cleo Harmony or Cleo VLTrader application the speaker. This allows the Cleo Harmony or Cleo VLTrader OFTP to act as the server in a traditional client-server model, where trading partner clients are both pushing and pulling files. If the General tab (see OFTP Host: General Tab) is set to Server Only and outgoing database payload is being used , any unsent database payload for the mailbox is also sent using the configured send action commands when the partner-initiated connection makes the Cleo Harmony or Cleo VLTrader application the speaker.
- My Identification
-
- User ID
- Password
- Override your default credentials.
- Substation Mailbox
- Enables a drop down menu where you select a substation mailbox. The mailbox uses the same user ID (SSIDCODE) and password (SSIDPASWD) as the managing mailbox, but has a different originator (SFIDORIG)/destination (SFIDDEST) pair (so these two override flags are automatically set). For OFTP2, a substation mailbox can have different signing, encryption, and/or EERP certificates.
OFTP Mailbox: V2 Tab
The following settings pertain only to OFTP2 sessions or later.
- Session
-
- Cipher Suite
- Used for encryption, signing, and generating hash values.
- Secure Authentication
- Indicates whether OFTP secure authentication should be used in exchanges with your trading partner (i.e., SSIDAUTH=Y/N). This setting controls what is placed in the SSIDAUTH field (Y/N) when sending and responding. It also is used by the responder to enforce compliance with RFC 5024, which states the secure authentication must be set to the same value for both the initiator and responder. The certificates used for session authentication are specified on the Session sub-tab of the Mailbox Security tab.
- Request
-
- Encrypted Content
- Select to encrypt outgoing files. Certificates used for encryption are specified on the Mailbox Certificates tab.
- Signed Content
- Select to sign outgoing files. Certificates used for signing are specified on the Mailbox Certificates tab.
- Signed Receipt (EERPs/NERPs)
- Select to sign outgoing EERPs and NERPs. Certificates used to sign EERPs/NERPs are specified on the EERP sub-tab of the Mailbox Security tab.
- CMS Compression
- Select to compress the file using CMS compression before sending. This is generally more effective than the legacy buffer compression used prior to OFTP2.
- Inbound Message Security
-
- Force Encryption
- Select to only accept encrypted files from your trading partner that can be decrypted using a specified certificate.
- Force Signed Content
- Select to only accept signed files from your trading partner.
OFTP Mailbox: Certificates Tab
The following settings pertain only to OFTP2 sessions or later.
You must acquire your trading partner's signing and encryption certificates and provide yours to your trading partner. See Acquiring your trading partner's signing and encryption certificates and Creating and providing your signing/encryption certificates.
- Trading Partner's Certificates
-
- Signing Certificate
- The certificate used to verify a signature from an incoming file that is signed.
- This certificate is only required if Secure Authentication is selected in the mailbox V2 tab.
- Specify a value or click Browse to navigate to the file you want to select.
- Encryption Certificate
- The certificate used to encrypt outgoing files if Encrypted Content is selected on the mailbox V2 tab.
- Use encryption certificate
- Indicates that your trading partner uses the same certificate for signing and encryption, which is the general practice among most trading partners. When you select this check box, the Signing Certificate field is populated with the same certificate you selected in the Encryption Certificate field.
- My Certificates
-
- Override Local Listener Certificates
- Enables fields where you specify signing and encryption certificates to use with this particular partner instead of the certificates you configured for the Local Listener. See Configuring certificates for Local Listener.
- Exchange Certificates
- Displays the Certificate Exchange dialog box, which allows you to send your user and SSL certificates to your trading partner. See Exchanging certificates with your trading partner.
- Signing Certificate Alias
- The Signing Certificate Alias refers to the certificate used to sign outgoing files
- Encryption Certificate Alias
- The Encryption Certificate Alias is for decrypting incoming encrypted files.
- Use signing certificate
- Select this check box to use the same certificate for signing and decrypting your trading partner's messages. The Encryption Certificate Alias and Password are populated to match the Signing Certificate Alias and disabled.
OFTP Mailbox: Security Tab
OFTP Mailbox Security: TCP Tab
- Certificate Alias
- The certificate to use for TLS over secure TCP/IP. This certificate is optional.
- Password
- The password for the certificate you specify.
- Exchange Certificates
- Displays the Certificate Exchange dialog box, which allows you to send your user and SSL certificates to your trading partner. See Exchanging certificates with your trading partner.
OTFP Mailbox Security: Session Tab
- Trading Partner's Certificates
-
- Authentication Certificate
- The certificate to use for authenticating your trading partner's OFTP2 session.
- Use encryption certificate
- Indicates that your trading partner uses the same certificate for authentication as specified for encryption. When you select this check box, the Authentication Certificate field is populated with the same certificate you selected in the Encryption Certificate field on the Certificates tab (see OFTP Mailbox: Certificates Tab).
- My Certificate
-
- Authentication Certificate
- The certificate to use for authenticating your OFTP2 session.
- Password
- The password for the certificate you specify.
- Use encryption certificate
- Indicates that you want to use same certificate for authentication as specified for encryption. When you select this check box, the Authentication Certificate field is populated with the same certificate you selected in the Encryption Certificate field on the Certificates tab (see OFTP Mailbox: Certificates Tab).
- Exchange Certificates
- Displays the Certificate Exchange dialog box, which allows you to send your user and SSL certificates to your trading partner. See Exchanging certificates with your trading partner.
OFTP Mailbox Security: EERP Tab
The EERP tab is used to specify a certificate for EERP and NERP packet signing. The trading partner's signing certificate is used to validate an incoming signed EERP/NERP. Note that this certificate is optional. If it is not specified, the incoming signed EERP/NERP's signature is compared to all valid certificates in the local certificate store. My Certificate signing certificate is used to sign outgoing EERP/NERPs.
- Trading Partner's Certificates
-
- Signing Certificate
- The certificate to use to validate an incoming signed EERP/NERPs.
- Use signing certificate
- Indicates that your trading partner uses the same certificate as specified for signing in the Signing Certificate field on theCertificates tab (see OFTP Mailbox: Certificates Tab).
- My Certificate
-
- Signing Certificate
- The certificate to use to sign outgoing EERP/NERPs.
- Password
- The password for the certificate you specify.
- Use encryption certificate
- Indicates that you want to use the same certificate as specified for signing in the Signing Certificate field on the Certificatestab (see OFTP Mailbox: Certificates Tab).
- Exchange Certificates
- Displays the Certificate Exchange dialog box, which allows you to send your user and SSL certificates to your trading partner. See Exchanging certificates with your trading partner.
OFTP Mailbox Security: CLID Tab
Use the CLID tab to specify the Certificate Logical Identification Data (CLID) for your trading partner's certificates. If your trading partner provides their CLID, it allows for validation that the supplied certificates match, whether the certificate is provided automatically through ACE or imported and configured manually. Depending on which security features are used in the trading relationship and whether separate certificates are used for each feature, between one and five CLIDs are specified for signing, encryption, EERP, session, and TLS use.
A CLID consists of:
- The certificate’s subject and issuer in the form
EMAIL=xxx,CN=xxx,OU=xxx,O=xxx,L=xxx,ST=xxx,C=xxx
(the fields present and the order of the fields are dictated by the trading partner). - Existence of
digitalSignature
,keyEncipherment
,clientAuth
, and/orserverAuth
key usage flags.
If a configured certificate does not match its CLID, the mailbox is not considered ready. A certificate received through ACE that does not have a matching CLID is rejected.
OFTP Mailbox Security: ACE Tab
Use the ACE (Automatic Certificate Exchange) tab to trade certificates with your partner through the same OFTP channel used to trade payload. ACE exchanges do not themselves use channel security features, which allows for exchange of initial certificates as well as replacement certificates. ACE is an extension to the OFTP2 specification. Check with your trading partner that their OFTP2 product supports ACE before attempting to use this tab. Your trading partner can also require that you provide your Certificate Logical Identification Data (CLID) values before using ACE.
The ACE tab shows certificates for both sides of the relationship – My Certs and Trading Partner Certs – and four different uses – Signing, Encryption, Session, and EERP. The currently active certificate is always listed first, followed by the other certificates that have been delivered through ACE. These certificates can also be used as long as they are valid and will automatically replace any currently installed expired certificates designated for the same
usage.
Although they can also be exchanged through ACE, TLS certificates are not shown because in general all trusted certificates are accepted for TLS rather than a specific list. If the mailbox is a substation mailbox, session certificates are also not shown because the session certificate is only applicable to the main station mailbox.
ClickSend Certificate to display the Send Certificate to Trading Partner dialog box.
Select the intended usages and then fill in the user certificate alias and password. Click Send to initiate an ACEODETTE_CERTIFICATE_DELIVER
message. If your trading partner responds with an EERP, the certificate becomes the active certificate for the selected usages and what was the active certificate is dropped down in the list.
- For signing and EERP, the active certificate is in effect the only certificate used (to sign).
- For encryption and session, the active certificate is the first certificate used (to decrypt), but if decryption fails, the other valid certificates in the list are tried one-by-one.
- Only valid and non-expired certificates can be exchanged through ACE.
- Whenever an installed local or partner certificate is expired and there is a valid secondary certificate available that had previously been exchanged through ACE, the next secondary certificate for the specified usage(s) will be rolled over as the installed certificate before an OFTP message is either sent or received. In synced environments, certificates will be updated only on the node where the rollover has occurred to avoid syncing collisions. Each node will subsequently be updated during its own OFTP data exchange.
If Certificate replaces all certificates previously provided to trading partner is selected first, then clicking Send initiates an ACE ODETTE_CERTIFICATE_REPLACE
message. When a new user certificate is sent through ACE in either a replacement or rollover scenario, attributes of the currently installed certificate are now included in the SFIDDESC field of the SFID message. These attributes may then be used by the receiver to implicitly trust the new certificate based on the trust of the currently installed certificate. If your trading partner responds with an EERP, the certificate becomes the active certificate for the selected usages, and all of the user certificates previously listed are automatically cleared. After an OFTP Trading Partner certificate is replaced, the replaced certificate is archived (in the certs/archive directory) and removed from the trusted store as long as it is no longer in-use in any other trading relationship.
To manually remove a certificate in the list (other than the active certificate), right-click on the certificate and select Remove.
The following dialog is shown when Request Certificate(s) is clicked:
Click Request to initiate an ACE , and if acceptable, queue your trading partner to send one or more ACE ODETTE_CERTIFICATE_DELIVER
messages back. An ODETTE_CERTIFICATE_DELIVER
message can also be received unsolicited. Based on your configured CLID, the usage for the certificate within the DELIVER is determined, the certificate becomes the active certificate for its usages, and what was the active certificate is dropped down in the list.
- For signing and EERP, the active certificate is the first certificate used (to verify a signature), but if verification fails, the other valid certificates in the list are tried one-by-one.
- For encryption and session, the active certificate is in effect the only certificate used (to encrypt).
- Only valid and non-expired certificates can be exchanged through ACE. Received ACE messages with expired certificates will be rejected.
- Whenever an installed local or partner certificate is expired and there is a valid secondary certificate available that had previously been exchanged through ACE, the next secondary certificate for the specified usage(s) will be rolled over as the installed certificate before an OFTP message is either sent or received. In synced environments, certificates will be updated only on the node where the rollover has occurred to avoid syncing collisions. Each node will subsequently be updated during its own OFTP data exchange.
To manually remove a certificate in the list (other than the active certificate), right-click on the certificate and select Remove.
OFTP Mailbox: Packaging Tab
See Configuring mailbox packaging for information regarding payload file packaging.
OFTP Action
An action's parameters capture a repeatable transaction for your mailbox on the host system. Create a new action under the mailbox.
OFTP Action: Action Tab
Use the Action tab to configure commands within an action.
See Composing an action. Also see OFTP Command Reference.
OFTP Command Reference
Information about commands available to OFTP hosts and mailboxes
PUT
Send one or more files to the host
PUT –TEX|-UNS|-FIX|-VAR|-RET –DEL "source" "destination" RecordDelimiter=0x.. StripDelimiter=True|False PadCharacter=0x.. TranslateToEBCDIC=True|False FileDescription=...
- –TEX
- Transfer file in OFTP text format:
- -UNS
- Transfer file in OFTP unstructured format:
- -FIX
- Transfer file in OFTP fixed format.
- -VAR
- Transfer file in OFTP variable format.
- -RET
- Transfer return receipt. See OFTP Configuration.
- -DEL
- If
PUT
is successful, delete the local file. - "source"
-
Source path
- Path can be to a filename or to a directory.
- You can use
*
and?
, or a regular expression when you specify a filename. See Using wildcards and regular expressions for additional information. - If you specify a relative path, the command uses the default outbox.
- Use of macro variables is supported. See Using macro variables (Source File context) for a list of the applicable macros.
- If the path contains a space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").
- "destination"
-
The file’s Virtual Filename (SFIDDSN)
- Use of macro variables is supported. See Using macro variables (Destination File context) for a list of the applicable macros.
- If the path contains a space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").
- If no destination is specified, the command uses Default Virtual Filename under the OFTP Mailbox > OFTP Tab. If the Default Virtual Filename also not specified, the command uses the source filename.
Additional PUT parameters
RecordDelimiter=
- The character or set of characters that logically separate records. Use a
0x
prefix to specify hexadecimal character values. StripDelimiter=
- When a
RecordDelimiter
is specified, indicates whether the delimiters should be excluded from the file transfer. Defaults to False. PadCharacter=
- The character or set of characters to be used when necessary to pad a record to the needed fixed length. Use a 0x prefix to specify hexadecimal character values.
TranslateToEBCDIC=
- Indicates that outgoing characters should be translated from ASCII to EBCDIC. The “EBCDIC Encoding” property under the OFTP Host > Advanced Tab specifies the encoding character set. Defaults to False. See OFTP Host.
FileDescription=
- Specify an optional description. This is set to the SFIDDESC field when sending a file. This field only pertains to OFTP2.
GET
Receive one or more files or receipts from the host
GET
The GET command has no options for two reasons:
- Whether files or receipts (EERP) are received cannot be controlled
- In OFTP, files and receipts can be received either solicited or unsolicited
You can use the Incoming options under OFTP Host > OFTP Tab can be used to configure the special destination and parameters for all received files, both solicited and unsolicited. See OFTP Host.
SYSTEM
Execute a local system command.
SYSTEM "path"
- "path"
- Local command path with arguments.
- If you specify a relative path or no path, the command uses the home directory.
- See Using operating system commands in actions for additional information
SET
Change an action property value. The new value only affects the commands that follow the SET.
SET property=value
- property = value
- Action property and new value
- The property name must have no embedded spaces.
- The value specified remains in effect until it is set again or until the end of action.
- To reset property back to default value (host-level or system-level), specify
SET property
or
SET property=
- To clear a string property, use the CLEAR command
You can also use the SET command to override any property in the OFTP Host > Advanced Tab (see OFTP Host) at action runtime. There are also a number of OFTP parameters in the OFTP Host > OFTP Tab and OFTP Mailbox > OFTP Tab that you can override at runtime, including:
- mailbox.SSIDSDEB
- mailbox.SSIDCRED
- mailbox.SSIDCMPR
- mailbox.SFIDLRECL
- mailbox.SFIDDSN
- mailbox.SFIDORIG
- mailbox.SFIDDEST
CLEAR
Clear an action property string value. The cleared value only affects the commands that follow the CLEAR.
CLEAR property
- property
- Action property name with no embedded spaces.
WAIT
Pause execution.
WAIT seconds
- Seconds
- Number of seconds to pause.
LCOPY
Copy one or more files locally.
LCOPY –DEL -REC {–UNI|–APE} {-ZIP|-UNZ} "source" "destination"
- -DEL
- If the command is successful, delete the local file.
- -REC
- Recursively search all subdirectories.
- -UNI
- Ensure the copied filename is unique.
- -APE
- Append copied file to existing destination file.
- -ZIP
- Zip all the files into one or more ZIP archive files, depending on the destination specified.
- Specify ZIP comment and compression level through Zip Comment and Zip Compression Level properties. See Setting advanced host properties.
- The ZIP archive files created through the LCOPY command conform to the standard ZIP file format. Visit http://docs.oracle.com/javase/6/docs/api/java/util/zip/package-summary.html. The ZIP file format should not be confused with other popular file compression/archive formats such as GZIP, TAR, RAR, etc. The LCOPY command works only with ZIP-formatted files. In addition to the VersaLex application, there are many other software packages that can read/write ZIP-formatted files, for example, WinZip (Windows), File Roller (Linux), PKZIP and Info-ZIP (Windows/Linux/other Unix).
- In addition to standard ZIP-formatted archives, the VersaLex application also supports password-based AES- encrypted ZIP files (128-bit, 192-bit, and 256-bit). See Cryptographic Services.
- -UNZ
- Unzip the source file(s).
- All source files must be ZIP archive files.
- You cannot use this option with the
-REC
option. - Use ZIP entry paths if Unzip Use Path is set. See Setting advanced host properties.
- The ZIP archive files created through the LCOPY command conform to the standard ZIP file format (reference http://docs.oracle.com/javase/6/docs/api/java/util/zip/package-summary.html). The ZIP file format should not be confused with other popular file compression/archive formats such as GZIP, TAR, RAR, etc. The LCOPY command works only with ZIP-formatted files. In addition to the application, there are many other software packages that can read/write ZIP-formatted files, for example, WinZip (Windows), File Roller (Linux), PKZIP and Info-ZIP (Windows/Linux/other Unix).
- In addition to standard ZIP-formatted archives, the VersaLex application also supports password-based AES- encrypted ZIP files (128-bit, 192-bit, and 256-bit). See Encryption of Zip Files for more information on this capability.
- "source"
- Source path
- Path can be to a filename or to a directory
- You can use
*
and?
, or a regular expression when you specify a filename. See Using wildcards and regular expressions for additional information. - If you specify a relative path, the command uses the default inbox.
- You can use macro variables. See Using macro variables (Source File context) for a list of the applicable macros.
- If the path contains a space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").
- "destination"
- Destination path.
- Path can be to a filename or to a directory.
- If you specify a relative path, the command uses the default inbox.
- You can use macro variables. See Using macro variables (Source File context) for a list of the applicable macros.
- You can use a single
*
within the destination path. In this context, it is not a wildcard. Rather, it is used to substitute a source file name or a source subdirectory name. When*
is used in conjunction with both the-REC
and-ZIP
options, andZip Subdirectories Into Individual Zip Files
is enabled, then*
is substituted with each first-level subdirectory name. When*
is not used for bundling zipped subdirectories, then it is used as a shortcut for the%sourcefilename%
or%srcfilename%
macro. Only one*
is allowed in the destination path. See Setting advanced host properties. - When copying a file without the
-APE
option, or when copying a file with the-APE
option where the destination file does not already exist, a temporary file name is used while the copy operation is taking place. This temporary file is placed in the destination directory. Its name begins with the product name and ends with .tmp. Once the copy completes successfully, the temporary file is renamed to the destination name. - If the path contains a space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").
LDELETE
Delete one or more files locally.
LDELETE "source"
- "source"
- Source path.
- Path can be a filename or a directory.
- You can use
*
and?
, or a regular expression when you specify a filename. See Using wildcards and regular expressions for additional information. - If you specify a relative path, the command uses the default inbox.
- Use of macro variables is supported. See Using macro variables (Source File context) for a list of the applicable macros.
- If the path contains a space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").
LREPLACE
Replace bytes in one or more files locally.
LREPLACE "source" Replace="input bytes" With="output bytes"
- "source"
- Source path.
- Path can be to a filename or to a directory.
- You can use
*
and?
, or a regular expression when you specify a filename. See Using wildcards and regular expressions for additional information. - If you specify a relative path, the command uses the default inbox.
- You can use macro variables. See Using macro variables (Source File context) for a list of the applicable macros.
- If the path contains a space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").
- "input bytes"
- List of bytes to be replaced.
- Comma separated list of byte values (0-255).
- All bytes in comma-separated list must be found in the file in listed sequence in order to be replaced.
- "output bytes"
- List of bytes to be substituted for original
input bytes
.- Comma separated list of byte values (0-255).
- If
With
parameter is omitted, then theinput bytes
are deleted from the file.
CHECK
See CHECK Command for information about this command.
SCRIPT
See SCRIPT command for information about this command.
Comment
# text...
Lines in the action starting with a # character are considered comments and will be ignored when the action executes. Lines starting with # are generally used for documentation purposes.
Comments
0 comments
Please sign in to leave a comment.