Managing OFTP2 trading partners
In order to send or receive OFTP2 messages, you must first create an OFTP2 trading partner. See also Trading Partners for a description of what a trading partner is.
Creating an OFTP2 Trading Partner
Basic
Name - A unique name identifying this trading partner.
Company - Company name for this trading partner.
Email - Email address for this trading partner.
Connection
Host/IP - The hostname or IP address of the remote OFTP2 service.
Port - The port of the remote OFTP2 service.
Timeout - The timeout in seconds for establishing a connection to the remote OFTP2 service.
Username - The username to use when logging into the remote OFTP2 service. This username should match the username of an existing account on the remote OFTP2 service. It should also match the Identification code (OFTP2 ID) of the OFTP2 service on this (local) MFT Server instance. To clarify, it's NOT supposed to match the OFTP2 ID of the remote OFTP2 service.
Password - The password to use when logging into the remote OFTP2 service.
SSL
Use SSL - If switched on, enables SSL protection for this trading partner connection. Practically all OFTP2 production environments will require the use of TLS, so this setting will need to be enabled in almost all situations.
Host certificate - The host certificate to use when validating SSL certificate of server. This key is sourced from Host Keys tab in Key Manager. Empty value indicates that any host certificate will be trusted.
(Client) Key - The client key to use when authenticating with SSL service. This key is sourced from the Server Keys tab in Key Manager.
Message
Destination ID - The trading partner OFTP2 ID
SecureAuthentication
Use secure authentication - If switched on, enables OFTP2 secure authentication phase during protocol handshake.
Authentication certificate - The peer certificate used for OFTP2 secure authentication operation. This certificate is sourced from Client Keys in Key Manager.
Authentication key - The private key used in secure authentication operation. This key is sourced from Server Keys in Key Manager.
Signature & Receipt
File signature verification certificate - The peer certificate used for verifying signature of inbound files received from this trading partner. This certificate is sourced from Client Keys in Key Manager.
File signing key - When checked, enables outbound file signing. From the drop-down list, select the private key to use for signing outbound files sent to this trading partner. This key is sourced from Server Keys in Key Manager.
Receipt signature verification certificate - When checked, requests a signed receipt. From the drop-down list, select the peer certificate used for signature verification of inbound receipts received from this trading partner. This certificate is sourced from Client Keys in Key Manager.
Receipt signing key - The private key used for signing outbound receipts sent to this trading partner. This key is sourced from Server Keys in Key Manager.
Signature algorithm - The algorithm to be applied when using digital signatures
Encryption & Decryption
File encryption certificate - When checked, enables outbound file encryption. From the drop-down list, select the peer certificate to use for encrypting outbound files sent to this trading partner. Certificates are sourced from Client Keys in Key Manager.
File decryption key - The private key used for decrypting files received from this trading partner. This key is sourced from Server Keys in Key Manager.
Advanced
Cipher suite - The cipher suite name used for outbound file encryption.
Automatically generate receipt in server mode - Enables automatic receipt generation for incoming files in server mode. Disabling this option allows for generation of receipts manually.
Enable compression - Enables outbound file compression.
Allow certificate exchange - Allows OFTP2 certificate exchange procedure with this partner. Disabling this option will reject any incoming certificate exchange requests for this partner.
Allow relay - Allows for receiving of files from this partner with destination OFTP2 ID that is different from the local OFTP2 ID. Files received under these conditions will not be placed to the local virtual file system but will be forwarded to the final target destination when the opportunity presents itself.