Previous Topic: Verify a Client Keystore on the AgentNext Topic: Maintaining Spool and Log Files

Setting Up and Running FTP WorkloadConfiguring SSL FTPHow to Configure SSL FTP Using a Generated CertificateConfigure an SSL-enabled FTP Client on the Agent

Configure an SSL-enabled FTP Client on the Agent

If you use the agent FTP client to connect to the SSL-enabled FTP server on the agent, you must configure the FTP client for SSL communication as well.

To configure an SSL-enabled FTP client on the agent

  1. Ensure that the following parameter is defined in the QIBM/ProdData/Java400/jdk14/lib/security/java.security file on your i5/OS operating system: 
    security.overridePropertiesFile=true

    The JVM uses the customized java.security file that is installed with the agent. This value allows the JVM to use the java.security provided with the agent for its own communications but does not affect other instances of the JVM for other applications on the i5/OS system. Without defining this property the i5/OS agent will not be able to use SSL.

  2. Open a PASE terminal session.
  3. Change to the agent installation directory.
  4. Enter the following command: 
    ./cybAgent -s

    The agent stops running.

  5. Open the agentparm.txt file.
  6. Set the following parameter: 
    ftp.client.ssl=true
  7. Specify the following parameter:
    ftp.client.ssl.truststore

    Specifies the full path name of the truststore file. The default file name is cacerts. You can use keytool, provided with the JRE, to create your own truststore.

  8. Save and close the agentparm.txt file.
  9. Start the subsystem that runs the agent if it has stopped.
  10. Enter the following command: 
    ./cybAgent

    The agent starts running and the FTP client on the agent is SSL-enabled.