My question was not about SMPE, rather it was for uploading data to testcase.boulder.ibm.com. I have SMPE setup for internet delivery and did in fact need to do a certificate exchange to get it to work. I had to go to ShopZseries and "order" a certificate which I imported into RACF and attached it to the keyring "FtpSecur" which you mention in your configuration.
Wouldn't I need to do a similar certificate exchange with IBM to enable FTPS to testcase.boulder.ibm.com? Andrew Arentsen Senior Mainframe Systems Engineer From: "Jousma, David" <000001a0403c5dc1-dmarc-requ...@listserv.ua.edu> To: IBM-MAIN@LISTSERV.UA.EDU Date: 05/24/2018 09:23 AM Subject: Re: File transfer Red Alert Sent by: "IBM Mainframe Discussion List" <IBM-MAIN@LISTSERV.UA.EDU> No keys need to be manually exchanged. The needed setup is buried in the SMPE Receive from network guide for the FTP client(your end) parm changes that are needed. Then there is the needed firewall rules on your end(if applicable) to setup. Then on this page: https://www-05.ibm.com/de/support/ecurep/help_ftp.html a blurb about the required port ranges that your firewall people have to open up between your site IP and the IP of testcase.boulder.ibm.com (if you are in the US). My FTP client is using passive FTP, but the session still hangs after the ls, dir, put or get commands. Ask your firewall administrator to allow connections to the port range 65024 - 65535 for our FTP server. Or, alternatively, your company might use some sort of Proxy, to provide the access, but you still need the appropriate FTP client options. //SYSFTPD DD * SECURE_FTP ALLOWED SECURE_MECHANISM TLS TLSRFCLEVEL CCCNONOTIFY TLSMECHANISM FTP SECURE_DATACONN PRIVATE KEYRING FtpSecur EPSV4 TRUE _________________________________________________________________ Dave Jousma Manager Mainframe Engineering, Assistant Vice President david.jou...@53.com 1830 East Paris, Grand Rapids, MI 49546 MD RSCB2H p 616.653.8429 f 616.653.2717 -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Andrew Arentsen Sent: Thursday, May 24, 2018 10:14 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: File transfer Red Alert **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** While I still can't find a link on IBM's ECuRep to create an ID/token to upload files, I also cannot find any documentation on the implementation of FTPS. I'm assuming there needs to be some sort of key exchange so that I can setup my AT-TLS rules to secure the FTP to testcase.boulder.ibm.com. Does anyone know if such keys or documentation exists for this? Andrew Arentsen Senior Mainframe Systems Engineer ********************************************************************** This e-mail is confidential. If you are not the intended recipient, you must not disclose or use the information contained in it. If you have received this e-mail in error, please tell us immediately by return e-mail and delete the document. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ********************************************************************** This e-mail is confidential. If you are not the intended recipient, you must not disclose or use the information contained in it. If you have received this e-mail in error, please tell us immediately by return e-mail and delete the document. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
