In this blog post I going demonstrate how to create a SFTP server inside the Oracle API Gateway (OAG).
Below are the steps required to create SFTP server:
Generate SSL certificate for sftp server
You need openssl to create ssl certificate. you can download the openssl from here : https://www.openssl.org/source/
Please follow below blog post to configure ssl certificate
http://www.codeconfuse.com/2016/01/how-to-generate-ssl-certificate-using.html
Configure SSL certificate in OAG
Note: For the demonstration purpose I am saving the file in local server, you can use other filters according to your usecases.
Create Password Authentication Policy
This policy required to authenticate the client using username and password.
Configure SFTP server in OAG
Below are the steps required to create SFTP server:
- Generate SSL certificate for sftp server
- Configure SSL certificate in OAG
- Create SFTP Incoming file policy
- Create Password Authentication Policy
- Create User in OAG
- Configure SFTP server in OAG
- Test and verify SFTP connection using client
Generate SSL certificate for sftp server
You need openssl to create ssl certificate. you can download the openssl from here : https://www.openssl.org/source/
Please follow below blog post to configure ssl certificate
http://www.codeconfuse.com/2016/01/how-to-generate-ssl-certificate-using.html
Configure SSL certificate in OAG
- Open policy studio --> Go to Certificates and Keys --> Certificates --> Click on Create/Import
- Import the certificate that you have created above, click on import certificate
- Go to Private Key tab and import the private key
- Click Ok and finish the certificate import wizard.
Create SFTP Incoming Policy
This policy is used to handle the incoming file coming from the sftp client and this is required to create sftp server listener.
- Under Policies --> Create container "File Transfer" --> Right click and Add Policy, give the name of the policy "SFTP Incoming"
- Open the SFTP Incoming policy, from the right menu go to Routing --> drag n drop "Save to File" filter.
Note: For the demonstration purpose I am saving the file in local server, you can use other filters according to your usecases.
- Open "Save to File" filter and configure as below
Create Password Authentication Policy
This policy required to authenticate the client using username and password.
- Add new policy similary created for SFTP Incoming policy, give the name "Password Authentication"
- Open the policy, from right menu go to Authentication --> drag n drop Attribute Authentication and configure as below
- Click Finish.
Create a User in OAG
- Click Ok.
Configure SFTP server in OAG
- Go to Listeners --> Oracle API Gateway --> Right Click and selct "Add File Transfer Service"
- Configure as shown below
- Select Password Authentication policy and SFTP Incoming policy as shown in the picture above
- Select the IA server Cert that you have created above.
- The directory used above is default directory, you can change this directory by putting folder name like ${environment.VINSTDIR}/file-transfer/in/weblogic
Test SFTP server connection
You can use any client like Filezilla or WinScp to test the SFTP connection.
Use the user weblogic that is created in Oracle API Gateway.
Reference
- https://docs.oracle.com/cd/E39820_01/doc.11121/gateway_docs/content/general_file_transfer.html
Hi there, have you been able to fathom out how to do public key authentication of the sftp user rather than use password?
ReplyDeletewell I never tried that, but you can try passing server key pair instead of server certificate in oracle api gateway listener.
Deletecheck this link : https://docs.oracle.com/cd/E39820_01/doc.11121/gateway_docs/content/general_file_transfer.html
Hi , Have you tried to do a POC on FTP service setup , if yes could you please share.
ReplyDeleteWell I did the same way as I mentioned in the post I don't have the samples right now, if you have any issue please post here.
DeleteThanks Anshul for the reply.
DeleteI want to download a txt file to my development server , it means I have to pick from source location and place in my development server.
Could you please tell me what steps I have to take here like you have shown for SFTP.