Secure FTP with SSL/TLS

A default FTP connection does not have any security. Secure and trusted data transfer is important, so we offer a secure and trusted way to transfer your data to IBM via Secure FTP. Secure FTP provides File Transfer Protocol capability plus the security of Secure Sockets Layer/Transport Layer Security (SSL/TLS) for your data transfers. To use it, your FTP client must support SSL/TLS and your firewall must be transparent for secure FTP. The FTP client decides whether the session is encrypted: it sends the AUTH command to the server to switch to SSL.

For a detailed description of secure FTP, please see the documentation for your system.

Note: Using cryptographic functions may reduce the transfer rate considerably.

If your FTP client supports SSL and TLS, activate these options and use port 21. Here is a sample logon log of an FTP client; the important lines applicable to SSL/TLS are marked. During initial establishment of the session, the server and your client agree on a method that is supported at both ends. Our server then asks you to accept our certificate and, when you accept it, a secure session is established. Please check whether the certificate is a valid IBM certificate.

The secure FTP server supports the following options:
RC2 - Block cipher developed at RSA Data Security
RC4 - Stream cipher developed at RSA Data Security
DES - 56 bits of security
3DES - Digital Encryption Standard - 168 bits of security
AES - Advanced Encryption Standard - 256 bits of security

The hashing algorithms are:
MD5 - Algorithm that converts to fixed size (16 bytes)
SHA - Secure Hash Algorithm that converts to a 20-byte output

Port: 21
Protocols: SSL, TLS

The certificate is from "Equifax Secure Certificate Authority". When using the MVS (OS/390, z/OS) FTP client, please be sure to obtain the CA ROOT Certificate from GeoTrust or use this link for the certificate and installation instructions.

We have successfully tested several different implementations of FTP clients. Take a look at the documentation of your FTP client to check whether secure FTP is supported. If you have problems configuring secure FTP on your system, contact your local support or the provider of your FTP client.
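
The client-side settings described above, as an added example that is not IBM's code: a Python ftplib client that sends AUTH TLS on port 21, requires a verifiable server certificate, and refuses the older algorithms in the option list (RC2, RC4, DES, 3DES, MD5). The host name, credentials, the optional CA file and the TLS 1.2 floor are assumptions.

```python
import re
import ssl
from ftplib import FTP_TLS

# Algorithms from the server's option list that are now considered weak.
WEAK = {"RC2", "RC4", "DES", "3DES", "MD5"}

def is_weak(cipher_name):
    """True if an OpenSSL cipher-suite name contains a weak algorithm."""
    return bool(WEAK & set(re.split(r"[-_]", cipher_name.upper())))

def build_context(cafile=None):
    """Client TLS context: verify certificate and hostname, strong ciphers only."""
    ctx = ssl.create_default_context(cafile=cafile)  # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2      # assumption: server offers TLS 1.2
    ctx.set_ciphers("HIGH:!aNULL:!eNULL:!MD5:!RC4:!3DES")
    return ctx

def weak_ciphers_enabled(ctx):
    """Cipher suites this context would still offer that match WEAK."""
    return [c["name"] for c in ctx.get_ciphers() if is_weak(c["name"])]

def open_secure_session(host, user, password, cafile=None):
    """Explicit FTPS on port 21; returns (connection, negotiated cipher name)."""
    ftps = FTP_TLS(context=build_context(cafile), timeout=30)
    ftps.connect(host, 21)
    ftps.auth()                 # sends AUTH TLS; a bad certificate raises ssl.SSLError
    cipher = ftps.sock.cipher()[0]
    if is_weak(cipher):         # defence in depth: stop before sending credentials
        ftps.close()
        raise ssl.SSLError(f"weak cipher negotiated: {cipher}")
    ftps.login(user, password)  # credentials only travel inside the TLS session
    ftps.prot_p()               # PBSZ 0 + PROT P: encrypt the data channel too
    return ftps, cipher

if __name__ == "__main__":
    ctx = build_context()
    print("verify:", ctx.verify_mode.name, "hostname check:", ctx.check_hostname)
    print("weak suites offered:", weak_ciphers_enabled(ctx))
    # Placeholder host and credentials (assumptions, not from the page):
    # ftps, cipher = open_secure_session("ftp.example.com", "user", "secret")
```

If the server's CA root is not in the system trust store, pass the path to the downloaded root certificate as `cafile` rather than disabling verification.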

Sample logon to FTP

If you cannot see the AUTH TLS command, you can check the status of the session with a remote "stat" command. The marked lines indicate a secure session.

Sample stat command

As with standard FTP file upload, a file naming convention must be followed. Please read the file naming convention documents for your operating system platform:

MVS
VM
VSE
OS/400 or IBM i
other