SecureTransport 5.5 Administrator Guide Save PDF Selected topic Selected topic and subtopics All content Connect:Direct transfer sites The Connect:Direct transfer sites are not built into SecureTransport. To be able to create and modify transfer sites that use the Connect:Direct protocol, you need to perform the following tasks: Install CDJAI (Connect:Direct Application Interface for Java). Enable file transfers via Connect:Direct. Set the server configuration options for Connect:Direct file transfers. Create a Connect:Direct transfer site. Install CDJAI The IBM Sterling Connect:Direct Application Interface for Java enables SecureTransport to connect to Connect:Direct servers. To install it, you need the CDJAI.jar file, which is provided with the Connect:Direct Java API. Follow the steps: Stop SecureTransport by running <FILEDRIVEHOME>/bin/stop_all. Copy the CDJAI.jar file to the <FILEDRIVEHOME>/lib/jars/external directory on the server running SecureTransport. Edit the <FILEDRIVEHOME>/bin/start_tm_console file to set the correct path to the CDJAI.jar file in the CLASSPATH parameter. If you are using the embedded database, run <FILEDRIVEHOME>/bin/start_db. Start the Administration Tool server by running <FILEDRIVEHOME>/bin/start_admin. The certificate authentication to Connect:Direct servers requires CDJAI version 1.1.00 Fix 000026, as well as SecureTransport 5.5 October 2020 Update or later. If you're running an older CDJAI version, you must replace the jar file following the steps: Stop all services. Replace the jar file. Restart all services. Next, you need to enable the file transfers via Connect:Direct and set the server configuration options related to them. Enable file transfers via Connect:Direct Log in to the Administration Tool, and go to Setup > TM Settings. Enable the ConnectDirectTransfer rules package. Set the server configuration options for Connect:Direct file transfers Go to Operations > Server Configuration. Search for the ConnectDirectTransferAgent parameters. Set ConnectDirectTransferAgent.transfersFolder to the full path of the directory for the SecureTransport Server to use for the Connect:Direct transfers. The directory must be shared between the SecureTransport and the Connect:Direct servers, and the path should be the same on both. Verify that SecureTransport has full permissions for the directory. Note The directory path is not relative to <FILEDRIVEHOME>. Specify a full absolute path from / (root) in UNIX or C:\ or another volume on Windows. To manage purging of the Connect:Direct folder, use the ConnectDirectTransferAgent.transfersFolder.purge server configuration option. By default, it is set to true, which means that the folder used for the Connect:Direct transfers will be purged on Transaction Manager startup. When set to false, no purging is performed. Set ConnectDirectTransferAgent.commandTimeout to the interval in seconds that SecureTransport waits before the transfer times out. Start SecureTransport by running <FILEDRIVEHOME>/bin/start_all. Note In order to obtain error messages for failed command execution, SecureTransport executes the SELECT STATISTICS command. The Connect:Direct user must have permissions to select statistics (cmd.selstats:a) Create a Connect:Direct transfer site In the transfer site definition, select Connect:Direct as Transfer Protocol. For more information, see Manage transfer sites. To create a Connect:Direct transfer site from a template, see Use a site template to define a transfer site. The following table describes the Connect:Direct protocol options for a transfer site: Field Description Transfer Mode Sets the file transfer mode. Valid values: ASCII, Binary, and Auto-detect. The default value is Auto-detect, meaning SecureTransport automatically determines the proper transfer mode based on the file content type. For more information, see Transfer mode for server-initiated transfers. Site Settings Local server name Specifies the domain name or IP address of the local server. You cannot enter spaces-only values in this field. For more information, see Spaces in required fields. Local server port Specifies the port assigned to the local server. You cannot enter spaces-only values in this field. Site Login Credentials Local server user name The username used to log in to the local server. Select the authentication method Password authentication If the local server uses a password, select Use Password and enter the password in the field. Certificate authentication To configure a SecureTransport transfer site to connect to a Connect:Direct server by using a certificate: Exchange the CA certificates between the SecureTransport and the Connect:Direct server: the trusted root certificate file of the Connect:Direct server should be exported, and imported as a trusted CA in SecureTransport; the trusted root certificate file of the SecureTransport server should be exported, and imported on the Connect:Direct server. Generate a local or a private certificate in SecureTransport whose common name field matches the Connect:Direct local user that is going to be used to log in to the Connect:Direct server. Import the certificate in the Connect:Direct server. In the transfer site configuration, select the Use Certificate checkbox and specify the Certificate Alias used for connecting to the Connect:Direct server. You can either select the private certificate you generated at Step 2 from the drop down or import a certificate. When certificate authentication is enabled, the connection uses the default TLS 1.2 protocol and compatible ciphers. Note After reverting the SecureTransport October 2020 Update, the Connect:Direct certificate-based authentication feature will not work, although the certificate placeholder remains visible on the transfer site definition page for sites created using a site template. Send Options Send Script Specifies the Connect:Direct process to execute when uploading a file to a remote site. You must provide a script for either the Send Options or the Receive Options. This field must contain a valid Connect:Direct process language script. You can use expression language variables such as ${stenv.target} in the script. For example, you can use the script field to execute a copy command. The remote server you are calling must be identified by its alias in the script. To correctly identify the file name in a script you must use the variable ${cd_transfer_file}. The variable is required because the file names might not be known at the time you write the script. When creating an upload script you must use ${cd_transfer_file} instead of the file name of the file being uploaded. You cannot enter spaces-only values in this field. Receive Options Receive Script Specifies the Connect:Direct process to execute when downloading a file from a remote site. You must provide a script for either the Send Options or the Receive Options. This field must contain a valid Connect:Direct process language script. You can use expression language variables such as ${stenv.target} in the script. For example, you can use the script field to execute a copy command. The remote server you are calling must be identified by its alias in the script. To correctly identify the file name in a script you must use the variable ${cd_transfer_file}. The variable is required because the file names might not be known at the time you write the script. When creating a download script you must use ${cd_transfer_file} to specify the directory where downloaded files are saved. When downloading a single file, use ${cd_transfer_file}<path_separator><file_name>. For example, ${cd_transfer_file}/xls_sheet.xls. You cannot enter spaces-only values in this field. Note The Send Script and Receive Script accept regular expressions. For more information on writing Connect:Direct scripts, refer to the Connect:Direct documentation. You can use a site template to define a Connect:Direct transfer site. For more information, see Site templates. Related topics: AS2 transfer sites File services interface transfer sites Folder Monitor transfer sites FTP(S) transfer sites Generic HTTP transfer sites HTTP(S) transfer sites PeSIT transfer sites SSH transfer sites System to Human transfer sites Manage transfer sites More SecureTransport 5.5 docs All docs | HTML only | PDF only Related Links
Connect:Direct transfer sites The Connect:Direct transfer sites are not built into SecureTransport. To be able to create and modify transfer sites that use the Connect:Direct protocol, you need to perform the following tasks: Install CDJAI (Connect:Direct Application Interface for Java). Enable file transfers via Connect:Direct. Set the server configuration options for Connect:Direct file transfers. Create a Connect:Direct transfer site. Install CDJAI The IBM Sterling Connect:Direct Application Interface for Java enables SecureTransport to connect to Connect:Direct servers. To install it, you need the CDJAI.jar file, which is provided with the Connect:Direct Java API. Follow the steps: Stop SecureTransport by running <FILEDRIVEHOME>/bin/stop_all. Copy the CDJAI.jar file to the <FILEDRIVEHOME>/lib/jars/external directory on the server running SecureTransport. Edit the <FILEDRIVEHOME>/bin/start_tm_console file to set the correct path to the CDJAI.jar file in the CLASSPATH parameter. If you are using the embedded database, run <FILEDRIVEHOME>/bin/start_db. Start the Administration Tool server by running <FILEDRIVEHOME>/bin/start_admin. The certificate authentication to Connect:Direct servers requires CDJAI version 1.1.00 Fix 000026, as well as SecureTransport 5.5 October 2020 Update or later. If you're running an older CDJAI version, you must replace the jar file following the steps: Stop all services. Replace the jar file. Restart all services. Next, you need to enable the file transfers via Connect:Direct and set the server configuration options related to them. Enable file transfers via Connect:Direct Log in to the Administration Tool, and go to Setup > TM Settings. Enable the ConnectDirectTransfer rules package. Set the server configuration options for Connect:Direct file transfers Go to Operations > Server Configuration. Search for the ConnectDirectTransferAgent parameters. Set ConnectDirectTransferAgent.transfersFolder to the full path of the directory for the SecureTransport Server to use for the Connect:Direct transfers. The directory must be shared between the SecureTransport and the Connect:Direct servers, and the path should be the same on both. Verify that SecureTransport has full permissions for the directory. Note The directory path is not relative to <FILEDRIVEHOME>. Specify a full absolute path from / (root) in UNIX or C:\ or another volume on Windows. To manage purging of the Connect:Direct folder, use the ConnectDirectTransferAgent.transfersFolder.purge server configuration option. By default, it is set to true, which means that the folder used for the Connect:Direct transfers will be purged on Transaction Manager startup. When set to false, no purging is performed. Set ConnectDirectTransferAgent.commandTimeout to the interval in seconds that SecureTransport waits before the transfer times out. Start SecureTransport by running <FILEDRIVEHOME>/bin/start_all. Note In order to obtain error messages for failed command execution, SecureTransport executes the SELECT STATISTICS command. The Connect:Direct user must have permissions to select statistics (cmd.selstats:a) Create a Connect:Direct transfer site In the transfer site definition, select Connect:Direct as Transfer Protocol. For more information, see Manage transfer sites. To create a Connect:Direct transfer site from a template, see Use a site template to define a transfer site. The following table describes the Connect:Direct protocol options for a transfer site: Field Description Transfer Mode Sets the file transfer mode. Valid values: ASCII, Binary, and Auto-detect. The default value is Auto-detect, meaning SecureTransport automatically determines the proper transfer mode based on the file content type. For more information, see Transfer mode for server-initiated transfers. Site Settings Local server name Specifies the domain name or IP address of the local server. You cannot enter spaces-only values in this field. For more information, see Spaces in required fields. Local server port Specifies the port assigned to the local server. You cannot enter spaces-only values in this field. Site Login Credentials Local server user name The username used to log in to the local server. Select the authentication method Password authentication If the local server uses a password, select Use Password and enter the password in the field. Certificate authentication To configure a SecureTransport transfer site to connect to a Connect:Direct server by using a certificate: Exchange the CA certificates between the SecureTransport and the Connect:Direct server: the trusted root certificate file of the Connect:Direct server should be exported, and imported as a trusted CA in SecureTransport; the trusted root certificate file of the SecureTransport server should be exported, and imported on the Connect:Direct server. Generate a local or a private certificate in SecureTransport whose common name field matches the Connect:Direct local user that is going to be used to log in to the Connect:Direct server. Import the certificate in the Connect:Direct server. In the transfer site configuration, select the Use Certificate checkbox and specify the Certificate Alias used for connecting to the Connect:Direct server. You can either select the private certificate you generated at Step 2 from the drop down or import a certificate. When certificate authentication is enabled, the connection uses the default TLS 1.2 protocol and compatible ciphers. Note After reverting the SecureTransport October 2020 Update, the Connect:Direct certificate-based authentication feature will not work, although the certificate placeholder remains visible on the transfer site definition page for sites created using a site template. Send Options Send Script Specifies the Connect:Direct process to execute when uploading a file to a remote site. You must provide a script for either the Send Options or the Receive Options. This field must contain a valid Connect:Direct process language script. You can use expression language variables such as ${stenv.target} in the script. For example, you can use the script field to execute a copy command. The remote server you are calling must be identified by its alias in the script. To correctly identify the file name in a script you must use the variable ${cd_transfer_file}. The variable is required because the file names might not be known at the time you write the script. When creating an upload script you must use ${cd_transfer_file} instead of the file name of the file being uploaded. You cannot enter spaces-only values in this field. Receive Options Receive Script Specifies the Connect:Direct process to execute when downloading a file from a remote site. You must provide a script for either the Send Options or the Receive Options. This field must contain a valid Connect:Direct process language script. You can use expression language variables such as ${stenv.target} in the script. For example, you can use the script field to execute a copy command. The remote server you are calling must be identified by its alias in the script. To correctly identify the file name in a script you must use the variable ${cd_transfer_file}. The variable is required because the file names might not be known at the time you write the script. When creating a download script you must use ${cd_transfer_file} to specify the directory where downloaded files are saved. When downloading a single file, use ${cd_transfer_file}<path_separator><file_name>. For example, ${cd_transfer_file}/xls_sheet.xls. You cannot enter spaces-only values in this field. Note The Send Script and Receive Script accept regular expressions. For more information on writing Connect:Direct scripts, refer to the Connect:Direct documentation. You can use a site template to define a Connect:Direct transfer site. For more information, see Site templates. Related topics: AS2 transfer sites File services interface transfer sites Folder Monitor transfer sites FTP(S) transfer sites Generic HTTP transfer sites HTTP(S) transfer sites PeSIT transfer sites SSH transfer sites System to Human transfer sites Manage transfer sites More SecureTransport 5.5 docs All docs | HTML only | PDF only