Sunday, January 31, 2016

Oracle API Gateway : Getting started with FTPS server

In this blog post I going demonstrate how to create a FTPS server inside the Oracle API Gateway (OAG).

Below are the steps required to create FTPS server:

  • Generate SSL certificate for ftps server
  • Configure SSL certificate in OAG
  • Create ftps Incoming file policy
  • Create Password Authentication Policy
  • Create User in OAG
  • Configure ftps server in OAG
  • Test and verify ftps connection using client

Generate SSL certificate for ftps server

You need openssl to create ssl certificate. you can download the openssl from here :

Please follow below blog post to configure ssl certificate

Configure SSL certificate in OAG

  • Open policy studio --> Go to Certificates and Keys --> Certificates --> Click on Create/Import

  • Import the certificate that you have created above, click on import certificate

  • Go to Private Key tab and import the private key

  • Click Ok and finish the certificate import wizard.

Create FTPS incoming file policy

This policy is used to handle the incoming file coming from the ftps client and this is required to create ftps server listener.
  • Under Policies --> Create container "File Transfer" --> Right click and Add Policy, give the name of the policy "FTPS Incoming"
  • Open the FTPS Incoming policy, from the right menu go to Routing --> drag n drop "Save to File" filter.

Note: For the demonstration purpose I am saving the file in local server, you can use other filters according to your usecases.

  • Open "Save to File" filter and configure as below
Create Password Authentication Policy

This policy required to authenticate the client using username and password.

  • Add new policy similary created for FTPS Incoming policy, give the name "Password Authentication"
  • Open the policy, from right menu go to Authentication --> drag n drop Attribute Authentication and configure as below

  • Click Finish.

Create a User in OAG
  • Go to Users and Groups --> Users --> Click on Add, add new user weblogic.

  • Click Ok.
Configure FTPS server in OAG
  • Go to Listeners --> Oracle API Gateway --> Right Click and selct "Add File Transfer Service"
  • Configure as shown below

  • Select Password Authentication policy and FTPS Incoming policy as shown in the picture above
  • Select the IA server Cert that you have created above.
  • The directory used above is default directory, you can change this directory by putting folder name like ${environment.VINSTDIR}/file-transfer/in/weblogic

Test FTPS server connection

You can use any client like Filezilla or WinScp to test the FTPS connection. 
Use the user weblogic that is created in Oracle API Gateway.


No comments:

Post a Comment