connection certificates

book

Article ID: 188294

calendar_today

Updated On:

Products

XCOM Data Transport XCOM Data Transport - Windows XCOM Data Transport - Linux PC XCOM - SUPPORT

Issue/Introduction

There is a client that needs to send files to the XCOM Gateway server. The client asks us to deliver a key certificate.

From what I understand from the user, it has its automated transfers, so it does not have the interaction of placing the user and password manually. The user wants us to deliver a certificate containing the username and password in a file to connect to the XCOM Gateway server.


Technically what we know is that the user has a RedHat server running SFTP and from there they need to connect to the XCOM Gateway.

Environment

Release : 12.0

Component : CA XCOM Gateway for Windows

Resolution

We only support password authentication in the gateway for SFTP or FTP.

As we all know, XCOM Gateway interacts with numerous other file transfer protocols like HTTP, FTP, sFTP besides XCOM. 

XCOM Gateway acts as an FTP/sFTP client when it has to interact with external FTP/sFTP servers to import/export files into Gateway policies. Besides this, XCOM Gateway acts as an FTP/sFTP server and allows the external client applications to connect over FTP/sFTP protocols(using FileZilla or WinScp, etc). Traditionally, we always use HTTP/HTTPs to connect with the Gateway server (using URL).  

When it comes to SFTP connections, we can allow an incoming connection in two ways.

  1. Connect using User ID/ Password (Typical use) 
  2. Connect using keys (Using SSH key pair)  

XCOM Gateway used the Apache SSHD server to implement the sFTP server component of Gateway. We have used the traditional User ID/Password mechanism for the authentication module and it doesn't accept the connections using SSH key pair. We need the code changes to implement key-based authentication so that it can allow both types of connections.