WS_FTP - How to connect to IBM’s Information Exchange VAN

Product: Version: Platform:
WS_FTP 8.0 All

Question/Problem: How do I make WS_FTP Pro establish an SSL connection to IBM’s Information Exchange (IE)VAN?

Answer/Solution: To successfully connect to IE, you must use WS_FTP version 8.0x or version 7.5 (7.62 will not work).  

WS_FTP - Do SSL connections work in version 8.02?

You will need to convert the IE/FTP certificates that you downloaded from  IBM in PKCS#12 format to PEM format.  One option to get your certificate into the proper format is using OpenSSL.  OpenSSL may have already been installed as a prerequisite for the client. If not, it may be obtained from:

link to download: openssl-0.9.6c-bin-win32.zip

Converting PKCS#12 Certificates into PEM format
1.  Run OpenSSL and use the following commands to convert the certificate:

OpenSSL> pkcs12 -in yourfilename.pfx -out yourfilename.pem

2.  At "Enter Import Password:" enter the password you created when exporting the certificate from your Web browser.

3.  At "Enter PEM pass phrase:" enter a new password, or you may keep using the same password.

4.  At "Verifying password - Enter PEM pass phrase:" re-enter the same password you just typed.

The certificates and keys are now in a PEM file.

Importing the PEM certificate into WS-FTP Pro 8.0

1.  Select Options-Program Options and then Client Certificates.  Click on Import.

2.  Browse to the certificate file that you just created in PEM format.  Click Next.

3.   Browse to the same PEM file that you just created again.   Click Next.

4.  Type in a name for your certificate.  Something like ‘IBM’ is suggested, so you don’t get it mixed up with any other certificates you may be using.  Click Next.

5.  Enter in the pass phrase that you created in steps 3 and 4 of  the OpenSSL procedures.  Click Next.   Click Finish on the next screen that shows your certificate data.

 

Setting up the connection to Information Exchange

1.  Go to Sites-Organize Sites.  Click on Create Site.  Type in a name for this connection.  Click Next.  

2.  Enter ieftpint2.services.ibm.com in the Host Address field.  Click Next.

3.  Enter in your IE account and IE user ID on the User Id field.   The format to use is account.userid with no spaces.   Type in your IE password (not your network password) in the Password field.  Check the save password box in order to not have to type it in every time you connect.   Account must be left blank.  Click Next.

4.  Select ‘FTP/SSL (AUTH SSL)’ for the Server Type.  The Port is 21.  Click Next.

5.  Select ‘UNIX (standard)’ as the Host Type.  Passive Mode should be checked.  Click Next.

6.      Setting up firewall rules would be specific to your network.  Selecting <no firewall> is recommended for the Firewall field.   On your firewall itself, you will need the following in place:

a.       FTP access to ieftpint2.services.ibm.com on port 21.

b.      Ports 1024 and above ENABLED (not opened) for passive FTP.

7.      Click Finish.

Document #:   Revision Date:
WS-20030625-DM01   04/08/04

Return To KnowledgeBase Search Page