Attribute |
Description |
Connect |
Specify how to connect this Endpoint to other entities.
Directly |
Connect to external Trading Partners via CIC Cloud. |
via Access Point |
Use an Access Point to connect to internal FTP servers when inbound ports cannot be opened. If you select this option, you must also select an Access Point. See Managing Access Points for more information. |
|
Encryption Mode |
Specify the kind of encryption to use.
Explicit FTPS |
The command and data ports are both initially clear-text. Then, when an AUTH command is issued, both ports are secure. When you select this value, the Authorization Type field displays. |
Implicit FTPS |
The command and data ports are both secure always. |
Plain FTP |
Both command and data ports are both clear-text always. |
|
Authorization Type |
This field is displayed only when you select Explicit FTPS in the Encryption Mode field. Choose from the following:
Auth SSL |
Use the SSL protocol without protecting the data connection. |
Auth TLS |
Use the SSL protocol and explicitly protect the data connection. |
Auth TLS-C |
Use the TLS protocol without implicitly protecting the data connection.Explicit FTPS |
Auth TLS-P |
Use the TLS protocol and implicitly protect the data connection. |
|
Host |
Enter either a fully qualified domain name (recommended) or an IP address and a port number. Port number 21 is standard for plain FTP and explicit FTPS. Port number 990 is standard for implicit FTPS. |
Username Password Account
|
The credentials used to log in to this Endpoint. Account is optional. |
Data Channel |
Attributes that pertain to how data is passed between the FTP client and FTP server.
Content Type |
Choose ASCII or Binary. ASCII mode will change end-of-line characters when transferring across Windows and non-Windows systems. |
Data Mode |
Sets the default behavior for opening data port connections between the FTP client and FTP server.
Active |
Causes the client to listen for a connection from the server during data transfers. |
Passive |
Causes the server to listen for a connection from the client during data transfers. The server indicates the IP address and port number. The FTP server will cycle through port numbers, usually a subset of 1024-65535. |
Use Command Address |
This field is displayed only when you select Passive in the Data Mode field. Indicates the IP address specified by the server should be ignored and the command port address should be used instead. (This might be necessary if the server is advertising an internal rather than an external IP address.) |
|
|
Open PGP |
OpenPGP protects files being transferred through encryption and signing.
Inbound |
Verify Signed Payloads |
When you select this check box, you are prompted to select the trading partner's signing PGP key. The PGP key named in this field is the same as the outbound encryption PGP key. If you change this value here, it is also changed for the outbound encryption PGP key. See Endpoint Security. |
Accept Encrypted Payloads |
When you select this check box, you are prompted to select your decryption PGP key. The PGP key named in this field is the same as the outbound signing PGP key. If you change this value here, it is also changed for the outbound signing PGP key. See Endpoint Security
|
|
Outbound |
Sign |
Select this check box to sign messages sent from this Endpoint. When you select Sign, you are prompted to select your signing PGP key. The PGP key named in this field is the same as the inbound decryption PGP key. If you change this value here, it is also changed for the inbound decryption PGP key. See Endpoint Security. |
Encrypt |
Apply encryption to messages sent from this Endpoint. When you select Encrypt, you are prompted to select the trading partner's encryption certificate. The PGP key named in this field is the same as the inbound signing PGP key. If you change this value here, it is also changed for the inbound signing PGP key. See Endpoint Security. |
Compress |
Apply ZLIB compression to messages sent from this Endpoint. Choose this option for large files to conserve bandwidth and improve efficiency and security. |
Text Output (ASCII armor) |
Encase encrypted messages in ASCII for ease of sending using standard messaging formats. |
|
|
Advanced |
Security |
TLS Protocol Version Minimum Maximum
|
Select minimum and maximum versions for TLS protocol. Messages from systems using versions of TLS outside the range you specify are not accepted. Choose from the following:
- SSL 3.0
- TLS 1.0 (SSL 3.1)
- TLS 1.1 (SSL 3.2)
- TLS 1.2 (SSL 3.3)
|
TLS Minimum Encryption Key Size |
The minimum encryption key size allowed when selecting a TLS cipher. To prevent the use of low- or medium-strength ciphers, change from the default value of 0 to 112, 128, or 256 (depending on the requirement). Note that if this value is set too high, all ciphers are filtered out causing the No suitable cipher suites are enabled exception to occur. |
TLS Ciphers |
Select All Ciphers to present the list of supported ciphers to the server and allow the server to pick one. Select Select from list to display a list from which you choose a specific cipher. The cipher selected is used with the server for key exchange, encryption, and hashing. If the server does not support the cipher, an SSL handshake error will occur. |
TLS Renegotiation - Allow TLS Legacy Renegotiation
|
Allows legacy renegotiation. Otherwise, the extension described in RFC5746 will be used for renegotiation and any TLS clients must also support this extension. See RFC5746 for a description of the extension and the vulnerability it addresses. |
TLS Client Certificate |
If you want to use TLS client authentication, select the client certificate here. See Working With Certificates.
|
Post Auth Command |
A command or set of commands to be issued after the Explicit SSL Command and login sequence. The PBSZ and PROT commands (PBSZ 0;PROT P ) are required by some servers regardless of the AUTH type used and are necessary for data channel protection (AUTH TLS or AUTH TLS-C). If multiple FTP commands are needed after the AUTH command, set this property to all of the commands separated by semicolons (;). |
|
OpenPGP |
This section is displayed when you select Sign, Encrypt or Compress in the section above.
OpenPGP Algorithms |
Hash Algorithm |
Choose the signing method used when OpenPGP packaging (with signing) is requested from the following:
- MD2
- MD5
- RIPE-MD-160
- SHA-1
- SHA-256
- SHA-384
- SHA-512
|
V3 Signature |
Select this check box to sign messages with Version 3 signatures |
Encryption Algorithm |
Choose the algorithm you want to use to encrypt messages. The remote host receiving the message must be able to decrypt the message using the algorithm you choose. |
Compression Algorithm |
Choose the algorithm you want to use to compress messages. The remote host receiving the message must be able to compress the message using the algorithm you choose. Choose either ZIP or ZLIB. |
|
|
|
Connection and Transfer |
Connection Timeout |
The amount of time allowed to make a connection. Valid range is from 1 - n seconds. Default value is 150 seconds. |
Automatic Retries |
The number of retries that should be made during an attempt. An attempt consists of the number of transfer retries you specify. For example, if you specify 5 retries and 30 seconds, an attempt would consist of 5 retries occurring in the span of 30 seconds.
This setting applies to both sends and receives.
The minimum number of retries is 0 and the maximum is 5.
The time between retries can range from 0 to 120 seconds.
See Retrying Failed File Transfer Attempts.
|
Extended Outbound Retries |
The period of time during which outbound retries are attempted after a failed send attempt and subsequent failed automatic retry. Retries will not be attempted after the end of the period specified.
This period starts when the first retry is attempted and ends after the value you specify elapses.
Minimum value is 15 minutes.
Maximum value is 3 days.
See Retrying Failed File Transfer Attempts.
|
Concurrent Outbound Transfers |
Specify the maximum number of connections that can be transferring to this Endpoint at the same time.
Minimum value is 1 and maximum is 10.
|
Resume failed transfers when rertrying |
Select this check box to retry failed transfers starting where they failed.
|
Subdomain |
If you have more than one subdomain, select the one you want to use for this Endpoint. Note: This field appears only when you have more than one subdomain and Cleo has configured one of those subdomains to be associated with a static IP.
|
Pre Get Command
|
Specify commands to be executed before a GET. This has the benefit of keeping the log results relative to just GETs.
If multiple FTP commands are needed prior to the GET, specify all of the commands separated by semicolons (;). If a specific command needs to contain a semicolon, enclose that specific command in quotes ("). The use of macro variables is supported. See Using Macro Variables in CIC (Post/Pre Command context) for a list of the applicable macros.
|
Pre Put Command |
Specify commands to be executed before a PUT. This has the benefit of keeping the log results relative to just PUTs. In addition, it avoids connecting and logging into the server when there are no files to send.
If multiple FTP commands are needed prior to the PUT, specify all of the commands separated by semicolons (;). If a specific command needs to contain a semicolon, enclose that specific command in quotes ("). The use of macro variables is supported. See Using Macro Variables in CIC (Post/Pre Command context) for a list of the applicable macros.
|
Post Get Command
|
Specify commands to be executed only after a successful GET.
If multiple commands are needed after the GET, specify all of the commands separated by semicolons (;). If a specific FTP command needs to contain a semicolon, enclose that specific FTP command in quotes ("). The use of macro variables is supported. See Using Macro Variables in CIC (Post/Pre Command context) for a list of the applicable macros.
|
Post Put Command |
Specify commands to be executed only after a successful PUT.
If multiple commands are needed after the PUT, specify all of the commands separated by semicolons (;). If a specific FTP command needs to contain a semicolon, enclose that specific FTP command in quotes ("). The use of macro variables is supported. See Using Macro Variables in CIC (Post/Pre Command context) for a list of the applicable macros.
|
|
Comments
0 comments
Please sign in to leave a comment.