Hub Settings
The Hub settings are pre-configured and are based on the settings you have defined in the File Transfer Server.
The following lists the Hub settings options:
General Settings
The following table describes the Hub general setting parameters.
Parameter |
Description |
---|---|
Hub Name |
Defines the logical name of the Hub. |
Home Directory |
Defines the root path where transfered files are stored. If you want to use a different directory for each logged in internal user, you must add \${userName} to the path. C:\temp\${userName} Bob connects to the File Transfer Server and uploads the file a.txt to the root directory, the file is saved in C:\temp\Bob\a.txt. Default: <Agent_Home>/CM/AFT/ftshome/${userName} |
B2B Sub-folder |
Defines the name of the folder under the home directory that contains all the Virtual Folders. For internal users, this folder is hidden. Internal user can only access the B2B virtual folders by typing the B2B sub-folder under the home directory. /b2bhome/ |
Default Fixed Sub-folders |
Determines whether to create fixed incoming and outgoing sub-folders with its own authorization levels for each virtual folder. |
Configuration Port |
Determines the port number used to access the Hub for configuration changes. Default: 28080 |
Send Audit Logs |
Determines whether to generate records to the database. |
Log Level |
Determines one of the following log levels for the Hub:
|
HTTP Settings
The following table describes HTTP Settings for the MFT Enterprise B2B File Exchange web application.
Parameter |
Description |
Location |
---|---|---|
HTTP Port |
Determines the HTTP or HTTPS port number for the MFT Enterprise B2B File Exchange.
|
|
Enable SSL |
Determines whether to enable HTTPS. If you change this parameter, you must change it in the Hub and Gateway settings and in the server.ssl.enabled parameter in the proxyConfig.properties file in the Gateway and restart the Gateway. |
Hub Settings |
Keystore File Path |
Determines the path for the HTTPS keystore file. The keystore must be in PKCS12 format. If FIPS is enabled, the format must be BCFKS. |
Hub Settings |
Keystore File Password |
Determines the password that is used by the Hub to access the HTTPS keystore. Default: abcd1234 If you change this password, the keystore password is not changed. For more information, see Changing the MFT key database password. |
|
Session Timeout |
Determines the number of seconds to wait without any operation before a timeout occurs. |
|
Ping Gateway Initial Delay |
Determines the initial delay before the Hub accesses the Gateways for the first time after the Hub starts. |
|
Ping Gateway Interval |
Determines the interval where the Hub checks for the Gateway availability and parameter updates. |
|
Enable Identity Provider For Internal Users |
Determines whether to configure authentication with an Identity Provider (IdP) for all Control-M MFT Enterprise internal users, as described in Configuring IdP Authentication for Control-M MFT Enterprise Users. |
|
Single Sing On URL |
Defines the IdP URLs or SAML Endpoint, where Control-M MFT Enterprise redirects users to sign in. |
|
Audience URI |
Defines the Service Provider URI that is used for verification. |
|
XML Metadata path |
Defines the generated XML file path from the IdP. |
|
SFTP Settings
The following table describes the SFTP settings between the Hub and the MFT Enterprise B2B Gateway.
Parameter |
Description |
Location |
---|---|---|
SFTP Port |
Determines the port number that the embedded Hub/Gateway listens to for SFTP connections. This port is used by clients to connect to the SFTP server. If you set the port below 1024, which is a privileged port (well-known ports), the MFT Gateway must be executed as root user. Default: 1222 (Hub), 1224 (Gateway). |
|
Session Timeout |
Determines the number of seconds to wait without any operation before a timeout occurs. |
|
External Users SFTP Authentication Method |
Determines one of the following authentication methods used for external users to connect with SFTP:
Default: Password or Key |
|
Internal Users SFTP Authentication Method |
Determines one of the following authentication methods used for internal users to connect with SFTP:
Default: Password or Key |
|
Maximum Concurrent Sessions |
Determines the number of users that can connect to the Hub simultaneously. |
Hub Settings |
Keystore File Path |
Defines the path to the file that contains the client's certificate. The keystore must be in PKCS12 format. If FIPS is enabled, the format must be BCFKS. |
|
Keystore File Password |
Defines the password for the file that contains the server's certificate. Default: abcd1234 If you change this password, the keystore password is not changed. For more information, see Changing the MFT Keystore Password. |
|
Allowed Key Exchange Algorithms |
Determines key exchange algorithms settings used for SFTP. Leave this field empty to use the default algorithms. |
|
Allowed Ciphers |
Determines the cipher security settings used for SFTP. Leave empty to use the default ciphers. |
|
Allowed MAC Algorithms |
Determines MAC algorithms settings used for SFTP. Leave empty to use the default algorithms. |
|
Authorized Keys File Path |
Defines the path to the file that contains authorized users by SFTP. The authorized users file must include all internal user public keys. Each user should be included in the following format: <username> <ssh public key (ssh-rsa format)> |
Hub Settings |
FTP/S Settings
The following table describes FTP/S settings between the Hub and the MFT B2B Gateway.
Parameter |
Description |
Location |
---|---|---|
Listen for FTP/S connection |
Determine whether the Hub/Gateway that supports client connection with the FTP/FTPS protocol is enabled. When internal users connect with FTP/S, they cannot access the B2B sub-folder. To access the B2B sub-folder from inside the organization, use SFTP protocol. |
Hub Settings |
FTP Port |
Determines the port number that the embedded Hub/Gateway listens to for FTP/FTPS connections.
Default: 1221 (Hub), 1223 (Gateway). |
|
Allow multiple open sessions |
Determines whether multiple users can connect to the Hub/Gateway simultaneously. |
|
Maximum Concurrent Open Sessions |
Determines the number of users that can connect to the Hub/Gateway simultaneously. |
|
Maximum Login Failures |
Determines the maximum number of login attempts before a timeout. |
|
Delay Between Login Failures |
Determines the number of seconds to wait after a login failure before the next attempt. |
|
Secured FTP Enabled |
Determines whether FTPS is enabled. If you change this parameter, you must change it in the Hub and Gateway settings and in the server.ssl.enabled parameter in the proxyConfig.properties file in the Gateway and restart the Gateway. |
|
Keystore File Path |
Defines the path to the file that contains the server certificate. The keystore must be in PKCS12 format. If FIPS is enabled, the format must be BCFKS. |
|
Keystore File Password |
Defines the password of the file that contains the server certificate. Default: abcd1234 If you change this password, the keystore password is not changed. For more information, see Changing the MFT Keystore Password. |
|
Allowed Ciphers |
Determines the cipher security settings used for FTPS. |
|
Listen for Implicit Connection |
Determines whether to automatically turn on security after a connection is established between the FTPS client and the Managed File Transfer server. |
|
Passive Ports |
Limits the range of dynamic ports that can be used for passive connections in FTP. Ports can be defined as single ports, closed or open ranges. Multiple definitions must be separated by commas.
|
|
AS2 Settings
The following table describes the Hub AS2 settings.
Parameter |
Description |
---|---|
Listen for AS2 connection on additional ports |
Determines whether the Hub/Gateway that supports client connection with the AS2 protocol is enabled. By default, the Gateway accepts AS2 over HTTPS connections in port 9443. |
Additional AS2 Port |
(Optional) Determines the port on the Hub where AS2 listens for messages. |
Additional MDN Port |
(Optional) Determines the port on the Hub to listen for MDN receipts. |
Hub AS2 ID |
Defines the logical name of your AS2 server. |
AS2 Email |
Defines the email address of the AS2 server. |
AS2 Keystore File Path |
Defines the location where AS2 keystore that contains your certificate and all partner certificates is located. |
AS2 Keystore File Password |
Defines the AS2 keystore password. If you change this password, the keystore password is not changed. For more information, see Changing the MFT key database password. |
Hub AS2 Key Alias |
Defines the alias of your AS2 Server in the keystore. |
Set file name from Content Disposition Header |
Determines whether to name the file as the Content Disposition Header only if it exists. |
Set file name from the HTTP header 'filename' parameter |
Determines whether to name the file according to the filename parameter value in the HTTP header. |
Default AS2 File Name Pattern |
Determines whether to name the file with the defined default value: Default: AS2_${AS2_FROM}_${UUID}.${MIME_TYPE_EXTENSION} Valid Variables:
To avoid overwriting files, use the unique ${UUID} or ${MSG_ID} variables. |
Override existing file |
Determines whether override the file with the same name. |