Enabling SSL on the Site
Specify SSL versions and ciphers before enabling SSL connections. SSL must first be enabled on EFT and Site, then can be enabled in the Settings Template and user.
You can inherit the TLS settings from the server, or specify different settings on the site.
See also Enabling SSL on the Server and TLS 1.3 Support.
If you require certificates from connecting clients before they can connect, then their certificate must be in the Trusted Certificates Database or signed by a certificate in the Trusted Certificate Database.
If you are using SSL authentication for accounts that need to send AS2 transfers, leave it at the default password authentication, not certificate authentication.
EFT does not support SSL Certificate Private Keys without passphrases.
To enable SSL and assign the certificate
-
In the administration interface, connect to EFT and click the Server tab.
-
Click the Site you want to configure.
-
In the right pane, select the Connections tab, then select the applicable protocol check boxes (FTPS, HTTPS, and/or AS2).
-
In the SSL certificate settings area, click Configure. Refer to Assigning a Certificate for details of configuring SSL.
-
Click OK to close the dialog box.
-
Click Apply to save the changes to EFT.
TLS Settings on the Site
On a Site's Connections tab, you can configure TLS settings specifically for that Site, or choose to inherit the settings from the server, which is the default.
To specify TLS settings on the Site
-
In the administration interface, connect to EFT and click the Server tab.
-
Click the Site you want to configure.
-
In the right pane, select the Connections tab, then select the applicable protocol check boxes (FTPS, HTTPS, and/or AS2).
-
Next to SSL security settings, click Configure. The TLS Certificate Settings dialog box appears.
-
The Inherit from server settings check box is selected by default. If you need to specify different settings for this Site, clear the check box, then select or clear the Minimum Protocol Version to use, the Allowed ciphers, and the Resulting ciphers.
Refer to TLS 1.3 Supportand Enabling SSL on the Server for more information on specifying these settings.