SecureTransport 5.4 Administrator Guide Save PDF Selected topic Selected topic and subtopics All content Revision history The following changes are added to the SecureTransport 5.4 Administrator's guide: SecureTransport version Document revision number Updated topics 5.4 rev. 01 – initial version 5.4 rev. 02 Advanced SSL Settings updated in: AS2 transfer sites SSH transfer sites HTTP(S) transfer sites PeSIT transfer sites FTP(S) transfer sites 5.4 rev. 03 Transfer Sites updated with Alternative endpoints: AS2 transfer sitesHTTP(S) transfer sitesSSH transfer sitesPeSIT transfer sitesFTP(S) transfer sites Extended server control view topic added: Extended Server ControlAdd an FTP serverAdd an SSH serverAdd an HTTP serverAdd an AS2 serverAdd a PeSIT server 5.4 rev. 04 A "Redirect hostname" option added to the Add an HTTP server topic. 5.4 rev. 05 MS SQL 2017 support added to the Axway and third-party software support topic for: Enterprise Cluster SecureTransport on AWS 5.4 rev. 06 Maximum parallel transfers configuration added to the following subtopics: Transfer site properties AS2 transfer sites HTTP(S) transfer sites SSH transfer sites FTP(S) transfer sites Generic HTTP transfer sites SharePoint transfer sites Standard cluster setup – Configuration optimizations in case of increased transfers load Enterprise cluster setup – Configuration optimizations in case of increased transfers load 5.4 rev. 07 An "Explicitly uses SiteMinder Attributes" option added to SiteMinder integration configuration DSA key support for SSH authentication on transfer sites added 5.4 rev. 08 Start/Stop controls for Folder Monitor and Scheduler added to Extended Server Control for SecureTransport Server Define attribute mappings for a domain topic updated Total number of Active users added to Display the list of user accounts Total number of search results added to Track file transfer activity 5.4 rev. 09 Graceful shutdown of Transaction Manager topic added Generate Usage report topic added 5.4 rev. 10 Define Address Book settings for a domain updated Zero downtime in active-passive deployment added Graceful shutdown updated with Graceful shutdown of Transaction Manager and Graceful shutdown of SecureTransport Server node 5.4 rev. 11 Track file transfer activity updated 5.4 rev. 12 XFB Tracked Object attributes updated Configure SecureTransport to send events to Axway Sentinel updated 5.4 rev. 13 Using DXAGENT_TRANSFERSAPI variables in transfer sites added Extended Server Control updated 5.4 rev. 14 The following topics are updated to reflect the added support for Microsoft Windows Server 2016 and Microsoft Windows Server 2019: Axway and third-party software support Real users 5.4 rev. 15 The following topics are updated with instructions on configuring Pre-connection in PeSIT transfer sites and automatic SSL mode detection for PeSIT transfers: Manage the PeSIT server Add a PeSIT server PeSIT transfer sites PeSIT file transfers fail over TLSv1 Legacy for certain ciphers PeSIT file transfer from SecureTransport to other MFT products fail over TLSv1 Legacy for certain ciphers 5.4 rev. 16 Substring added to the EL functions in the Predefined functions topic Oracle 18c added to the list of Axway and third-party software support New User class variables added to Custom expressions Configure a secret questionupdated with instructions for setting minimum length for the Secret question answer Status scripts added to Utility files 5.4 rev. 17 The following topics are updated with information and instructions on using custom JDBC URLs for external Oracle and Microsoft SQL Server databases: Change the external Oracle database Change the external Microsoft SQL Server database 5.4 rev. 18 Configure a secret question updated with details on steaming environment configuration View file transfer information updated Configure SSH server settings updated Applications topic updated 5.4 rev. 19 SSLCypher and SSLAuth attributes in XFB Tracked Object attributes updated Pluggable Transfer Sites topic updated 5.4 rev. 20 PeSIT transfer sites updated with new settings (Connection timeout, Originator, Store and Forward Mode, and Final destination) Send To Partnerupdated with new advanced PeSIT setting (Originator) FinalReceiverId and OriginalSenderId in XFB Tracked Object attributes updated due to behavior changes Command line client (FTP, FTPS, HTTPS, and SSH) user authentication updated Configure client certificate authentication settings updated Utility files updated Pluggable authentication updated with instructions for updating plug-ins Pluggable аuthorization updated with instructions for updating plug-ins Subscribe to Advanced Routing application updated with details on using flow and subscription attributes Mail template commands and variables updated Account templates updated Session related EL expressions updated Change the external Microsoft SQL Server database updated FIPS-certified cryptographic libraries and Advertised ciphers and cipher suites in FIPS mode updated Instructions for Configuring asynchronous MDN receipts with AS2 transfers added 5.4 rev. 21 PeSIT transfer sites updated 5.4 rev. 22 repconv in Utility files updated 5.4 rev. 23 SSH transfer sites updated with Test connection Zero downtime in active-passive deployment updated Graceful shutdown of SecureTransport Server node added Password policy updated with Minimum password age External Script updated with Run scripts as root option Enterprise Cluster rules updated View file transfer information updated with X-Forwarded-For parameter General log files updated to cover the scenario when the user is connecting through an HTTP proxy or a load balancer XFB Tracked Object attributes updated Event states updated Configure SecureTransport to send events to Axway Sentinel updated Axway Sentinel tracked objects updated with EnvironmentID 5.4 rev. 23 Standard browser client updated with instructions on how to control the display of server information and configure response caching policies Axway and third-party software support updated Axway Sentinel tracked objects updated with parentCycleID CycleId calculation updated with SFTP transfer tracking XFB Tracked Object attributes updated with parent cycle ID 5.4 rev. 24 New settings to avoid filename collision added to the Decompress step Custom Expression Language functions and variables updated 5.4 rev. 25 Oracle 19c added to Axway and third-party software support PeSIT pre-connection settings updated New metrics added to the SecureTransport usage report SecureTransport cipher suites topic moved to SecureTransport 5.4 Security Guide hmac-sha256 and hmac-sha256@ssh.com cipher suites added to the FIPS allowed MACs 5.4 rev. 26 FIPS transfer mode updated Advertised ciphers and cipher suites in FIPS mode updated The following topics are updated with new settings for protocol servers that allow modifying the list of allowed cipher suites, ciphers, and algorithms in FIPS mode. Add an FTP server Add an SSH server Add an HTTP server Add an AS2 server Add a PeSIT server The following topics are updated with new settings in the transfer site configuration that allow modifying the list of allowed cipher suites, ciphers, and algorithms in FIPS mode AS2 transfer sites FTP(S) transfer sites HTTP(S) transfer sites PeSIT transfer sites SSH transfer sites 5.4 rev. 27 repconv in Utility files updated ProtocolFileName and ProtocolFileLabel in XFB Tracked Object attributes updated Configure Kerberos as an Identity Provider in SecureTransport topic updated 5.4 rev. 28 Manage subscriptions topic updated 5.4 rev. 29 Advertised ciphers and cipher suites in FIPS mode updated PGP Encryption topic updated PGP DecryptionPGP Encryption topic updated 5.4 rev. 30 New topic added: Command line directory or file listing Modify the log4j files updated Manage subscriptions updated Bandwidth limits updated 5.4 rev. 31 Custom expressions updated with new user attributes 5.4 rev. 32 Server log updated Track file transfer activity updated 5.4 rev. 33 Disable the SecureTransport login updated Standard browser client updated Command line directory or file listing updated Add an SSH server updated "Configure security policies and HTTP response headers" topic moved to SecureTransport 5.4 Security Guide 5.4 rev. 34 The following topics are updated with new configuration options to control the usage of expired certificates: SSH transfer sites HTTP(S) transfer sites PeSIT transfer sites FTP(S) transfer sites 5.4 rev. 35 Publish To Account topic updated with a configuration option for better control over Replace of existing file 5.4 rev. 36 Manage an active/passive cluster updated 5.4 rev. 37 SSH transfer sites topic added Update Permissions with Chmod Command option, to determine whether to use chmod or umask command to change file permissions 5.4 rev. 38 Added steps relating to the Subscription Folder Discovery option, to better handle multiple subscriptions, in: Create a user account and Manage account templates External Script topic updated examples of script expressions 5.4 rev. 39 Create an Archive Maintenance application updated with options to enable multithreading and set a runtime limit New troubleshooting topics added: Troubleshooting I/O problems AR fails while copying the file to sandbox 5.4 rev. 40 Configure SecureTransport to send events to Axway Sentinel updated 5.4 rev. 41 Duplicate an account updated Corrected the example to attach a logger to a non-blocking asynchronous appender in Modify the log4j files Add a server to a cluster updated Remove a server from a cluster updated New subsection "Proxy states and blacklisting" added to Manage the communication across Transaction Manager, protocol and proxy servers 5.4 rev. 42 Filesystem restrictions updated Related Links
Revision history The following changes are added to the SecureTransport 5.4 Administrator's guide: SecureTransport version Document revision number Updated topics 5.4 rev. 01 – initial version 5.4 rev. 02 Advanced SSL Settings updated in: AS2 transfer sites SSH transfer sites HTTP(S) transfer sites PeSIT transfer sites FTP(S) transfer sites 5.4 rev. 03 Transfer Sites updated with Alternative endpoints: AS2 transfer sitesHTTP(S) transfer sitesSSH transfer sitesPeSIT transfer sitesFTP(S) transfer sites Extended server control view topic added: Extended Server ControlAdd an FTP serverAdd an SSH serverAdd an HTTP serverAdd an AS2 serverAdd a PeSIT server 5.4 rev. 04 A "Redirect hostname" option added to the Add an HTTP server topic. 5.4 rev. 05 MS SQL 2017 support added to the Axway and third-party software support topic for: Enterprise Cluster SecureTransport on AWS 5.4 rev. 06 Maximum parallel transfers configuration added to the following subtopics: Transfer site properties AS2 transfer sites HTTP(S) transfer sites SSH transfer sites FTP(S) transfer sites Generic HTTP transfer sites SharePoint transfer sites Standard cluster setup – Configuration optimizations in case of increased transfers load Enterprise cluster setup – Configuration optimizations in case of increased transfers load 5.4 rev. 07 An "Explicitly uses SiteMinder Attributes" option added to SiteMinder integration configuration DSA key support for SSH authentication on transfer sites added 5.4 rev. 08 Start/Stop controls for Folder Monitor and Scheduler added to Extended Server Control for SecureTransport Server Define attribute mappings for a domain topic updated Total number of Active users added to Display the list of user accounts Total number of search results added to Track file transfer activity 5.4 rev. 09 Graceful shutdown of Transaction Manager topic added Generate Usage report topic added 5.4 rev. 10 Define Address Book settings for a domain updated Zero downtime in active-passive deployment added Graceful shutdown updated with Graceful shutdown of Transaction Manager and Graceful shutdown of SecureTransport Server node 5.4 rev. 11 Track file transfer activity updated 5.4 rev. 12 XFB Tracked Object attributes updated Configure SecureTransport to send events to Axway Sentinel updated 5.4 rev. 13 Using DXAGENT_TRANSFERSAPI variables in transfer sites added Extended Server Control updated 5.4 rev. 14 The following topics are updated to reflect the added support for Microsoft Windows Server 2016 and Microsoft Windows Server 2019: Axway and third-party software support Real users 5.4 rev. 15 The following topics are updated with instructions on configuring Pre-connection in PeSIT transfer sites and automatic SSL mode detection for PeSIT transfers: Manage the PeSIT server Add a PeSIT server PeSIT transfer sites PeSIT file transfers fail over TLSv1 Legacy for certain ciphers PeSIT file transfer from SecureTransport to other MFT products fail over TLSv1 Legacy for certain ciphers 5.4 rev. 16 Substring added to the EL functions in the Predefined functions topic Oracle 18c added to the list of Axway and third-party software support New User class variables added to Custom expressions Configure a secret questionupdated with instructions for setting minimum length for the Secret question answer Status scripts added to Utility files 5.4 rev. 17 The following topics are updated with information and instructions on using custom JDBC URLs for external Oracle and Microsoft SQL Server databases: Change the external Oracle database Change the external Microsoft SQL Server database 5.4 rev. 18 Configure a secret question updated with details on steaming environment configuration View file transfer information updated Configure SSH server settings updated Applications topic updated 5.4 rev. 19 SSLCypher and SSLAuth attributes in XFB Tracked Object attributes updated Pluggable Transfer Sites topic updated 5.4 rev. 20 PeSIT transfer sites updated with new settings (Connection timeout, Originator, Store and Forward Mode, and Final destination) Send To Partnerupdated with new advanced PeSIT setting (Originator) FinalReceiverId and OriginalSenderId in XFB Tracked Object attributes updated due to behavior changes Command line client (FTP, FTPS, HTTPS, and SSH) user authentication updated Configure client certificate authentication settings updated Utility files updated Pluggable authentication updated with instructions for updating plug-ins Pluggable аuthorization updated with instructions for updating plug-ins Subscribe to Advanced Routing application updated with details on using flow and subscription attributes Mail template commands and variables updated Account templates updated Session related EL expressions updated Change the external Microsoft SQL Server database updated FIPS-certified cryptographic libraries and Advertised ciphers and cipher suites in FIPS mode updated Instructions for Configuring asynchronous MDN receipts with AS2 transfers added 5.4 rev. 21 PeSIT transfer sites updated 5.4 rev. 22 repconv in Utility files updated 5.4 rev. 23 SSH transfer sites updated with Test connection Zero downtime in active-passive deployment updated Graceful shutdown of SecureTransport Server node added Password policy updated with Minimum password age External Script updated with Run scripts as root option Enterprise Cluster rules updated View file transfer information updated with X-Forwarded-For parameter General log files updated to cover the scenario when the user is connecting through an HTTP proxy or a load balancer XFB Tracked Object attributes updated Event states updated Configure SecureTransport to send events to Axway Sentinel updated Axway Sentinel tracked objects updated with EnvironmentID 5.4 rev. 23 Standard browser client updated with instructions on how to control the display of server information and configure response caching policies Axway and third-party software support updated Axway Sentinel tracked objects updated with parentCycleID CycleId calculation updated with SFTP transfer tracking XFB Tracked Object attributes updated with parent cycle ID 5.4 rev. 24 New settings to avoid filename collision added to the Decompress step Custom Expression Language functions and variables updated 5.4 rev. 25 Oracle 19c added to Axway and third-party software support PeSIT pre-connection settings updated New metrics added to the SecureTransport usage report SecureTransport cipher suites topic moved to SecureTransport 5.4 Security Guide hmac-sha256 and hmac-sha256@ssh.com cipher suites added to the FIPS allowed MACs 5.4 rev. 26 FIPS transfer mode updated Advertised ciphers and cipher suites in FIPS mode updated The following topics are updated with new settings for protocol servers that allow modifying the list of allowed cipher suites, ciphers, and algorithms in FIPS mode. Add an FTP server Add an SSH server Add an HTTP server Add an AS2 server Add a PeSIT server The following topics are updated with new settings in the transfer site configuration that allow modifying the list of allowed cipher suites, ciphers, and algorithms in FIPS mode AS2 transfer sites FTP(S) transfer sites HTTP(S) transfer sites PeSIT transfer sites SSH transfer sites 5.4 rev. 27 repconv in Utility files updated ProtocolFileName and ProtocolFileLabel in XFB Tracked Object attributes updated Configure Kerberos as an Identity Provider in SecureTransport topic updated 5.4 rev. 28 Manage subscriptions topic updated 5.4 rev. 29 Advertised ciphers and cipher suites in FIPS mode updated PGP Encryption topic updated PGP DecryptionPGP Encryption topic updated 5.4 rev. 30 New topic added: Command line directory or file listing Modify the log4j files updated Manage subscriptions updated Bandwidth limits updated 5.4 rev. 31 Custom expressions updated with new user attributes 5.4 rev. 32 Server log updated Track file transfer activity updated 5.4 rev. 33 Disable the SecureTransport login updated Standard browser client updated Command line directory or file listing updated Add an SSH server updated "Configure security policies and HTTP response headers" topic moved to SecureTransport 5.4 Security Guide 5.4 rev. 34 The following topics are updated with new configuration options to control the usage of expired certificates: SSH transfer sites HTTP(S) transfer sites PeSIT transfer sites FTP(S) transfer sites 5.4 rev. 35 Publish To Account topic updated with a configuration option for better control over Replace of existing file 5.4 rev. 36 Manage an active/passive cluster updated 5.4 rev. 37 SSH transfer sites topic added Update Permissions with Chmod Command option, to determine whether to use chmod or umask command to change file permissions 5.4 rev. 38 Added steps relating to the Subscription Folder Discovery option, to better handle multiple subscriptions, in: Create a user account and Manage account templates External Script topic updated examples of script expressions 5.4 rev. 39 Create an Archive Maintenance application updated with options to enable multithreading and set a runtime limit New troubleshooting topics added: Troubleshooting I/O problems AR fails while copying the file to sandbox 5.4 rev. 40 Configure SecureTransport to send events to Axway Sentinel updated 5.4 rev. 41 Duplicate an account updated Corrected the example to attach a logger to a non-blocking asynchronous appender in Modify the log4j files Add a server to a cluster updated Remove a server from a cluster updated New subsection "Proxy states and blacklisting" added to Manage the communication across Transaction Manager, protocol and proxy servers 5.4 rev. 42 Filesystem restrictions updated