Add an FTP server

To add an FTP server, go to the extended Server Control page and on the FTP Servers pane, click Actions > Add Server.

The following table presents all parameters and expected values associated with your new FTP server.

Field Description
General
Server Name Enter a unique name of your server.
Enable FTP Select to enable FTP transfers: you must select this option if you want to enable secure FTP (FTPS) transfers.
Enable FTPS Select to enable FTPS transfers.
Enable FIPS

Select to enable FIPS transfer mode for FTPS connections.

By selecting this option, the Enabled FIPS Ciphers field becomes editable.

Port Enter the port number of your FTP or FTPS server.
Host Enter the IP address of your external FTP (or FTPS) host server. Leave this option blank if you do not need an external host.
SSL Key Alias Select an SSL Key Alias from the drop-down list, for example, ftpd.
Enabled Protocols Enter a comma-separated list of SSL protocol versions (TLSv1, TLSv1.1, TLSv1.2 by default).
Key Algorithm

Enter the Key Algorithm (SunX509 by default). Note that with SecureTransport running on AIX systems, the default value is IbmX509.

SSL Protocol Enter the used SSL protocol group: SSL or TLS (TLS by default). Note that with SecureTransport running on AIX systems, the default value is SSL_TLS.
SSL Trust Algorithm Enter the SSL Trust Algorithm (SunX509 by default). Note that with SecureTransport running on AIX systems, the default value is IbmX509.
Enabled Ciphers

Enter the cipher suites to be used with your FTPS server.

For more information on cipher suites, refer to the SecureTransport Cipher suites topic, part of the SecureTransport 5.4 Security guide.

Enabled FIPS Ciphers

Modify the cipher suite set to be used with your FTP server in FIPS mode.

By default, this field is populated with all FIPS compliant TLS cipher suites supported by SecureTransport. For the complete list, see FIPS-compliant TLS cipher suites .

Click the "down arrow" icon on the right to access a drop-down menu with options to select and deselect all items and reset value to the previously saved selection.

For the default FTP server, the list of allowed cipher suites in FIPS mode is determined by the Ftp.FIPS.Listeners.Ssl.EnabledCipherSuites configuration option.

Client Certificate

This drop-down list presents the options to define support for certificate use for FTP authentication. Possible values are:

  • Disabled – no certificate authentication is required
  • Required – the client must authenticate using a certificate
  • Optional – the client can authenticate either using a certificate or a password
FTP Passive Mode
Base Port Enter the passive mode base port (0 by default: this means that SecureTransport will use a random port for FTP passive mode transfers).
Number of Ports The passive mode port range.

Once you are finished entering the parameters of your FTP server, click Save to create it; or Cancel to discard all changes and return to the Server Control page.

Start and stop a server

You can easily start and stop your FTP server.

  • Start your server by clicking the "play" icon:
    A box with a success message pops up on your screen and your server status changes to Running.
  • To stop your server, click the "stop" icon:
    A box with a success message pops up on your screen and your server status changes to Stopped.

You can only start the FTP daemon once the Ftp Default server is operating (enabled). Stopping the daemon will stop all underlying started servers. During daemon start, only the enabled servers will be started. In case of FTP, an "enabled server" means that you have at least selected the Enable FTP option.

Edit FTP server settings

You can change any of the FTP server property values. Note that you can change the server name only when the server is stopped. To update an FTP server, click the corresponding "gear" icon:

A new modal box with the FTP settings pops up. Add your changes and click Save to apply your changes; or Cancel to discard them.

Delete a FTP server

Note You cannot delete or change the name of the "Ftp Default" server from the SecureTransport Administration Tool.

You can only delete a server once it is stopped. You cannot delete a server in Running status.

To delete a server, locate it on the Server Control page, make sure it is stopped and click the corresponding "trashcan" icon:

Related Links