Creating a TLS Profile in Gateway

  1. In the left pane of the GUI main window, expand the nodes: Security Management > Transfer Security Management > Security Profile.
  2. Right-click the TLS Profile sub-node, and select New... from the context menu.
  3. Gateway displays the New TLS Profile screen.
  4. On the General tab, complete the fields:

    • Name: Enter a name for the TLS Profile. The Profile name must be unique in the Network Profile database. Maximum: 31 characters. For this example we suggest: FTPS_IN
    • Profile type: Select SERVER from the drop-down list.
    • Client authentication: Select TLS_AUT_ANONYMOUS from the drop-down list.
    • Accepted SSL versions: Select both of the options:
        • SSLV3
        • TLSV1
    • Accepted cipher suites: Leave the default accepted cipher suites for this example.
    • Accepted authorities: There are no accepted authorities to provide for this example.
    • Certificate templates: There are no certificate templates to provide for this example.
    • Trust hosted certificates only: Do not select this option for use with PassPort.
    • Automatic import of partner certificate chains: Do not select this option for use with PassPort.
    • Select single certificate: Do not select a certificate for use with PassPort.

  5. On the Details tab, complete the fields:

    • Cache enabled: Select this option.
    • Regenerate enabled: Select this option.
    • Exit scheduling: Do not select this option.
    • Close notify disabled (FTP and HTTP): Select this option.
    • Certificate path: Enter the maximum number of certificates accepted in a certification chain. Any certification chain that contains more elements is rejected. Enter 7 for this example.
    • User param: Do not use this field.

    FTP / SMTP / HTTP section:

    • Connection securing mode: Select Explicit from the drop-down list.
    • Global session policy: This field is only available if you set the Connection securing mode to Explicit. Select Mandatory from the drop-down list.
    • FTP data session policy: This field is only available if you set the Connection securing mode to Explicit. Select Mandatory from the drop-down list.

  6. On the PassPort PS tab, complete the fields:

    Local entity section:

    • Name: Enter the local security entity name for access to the PassPort PS server. Use the security entity we created in the general procedures: Gateway
    • Password: Enter the entity password.
    • Confirmation: Confirm the entity password.

    Partner entity section:

    • Name: Do not complete this field.

  7. Click OK to confirm and save.
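
One way to confirm that a listener using this profile enforces the Explicit securing mode with both session policies set to Mandatory is to audit a client-side FTP session log. The following is an added example, not part of the product documentation: the log format ('> ' for a command, '< ' for a reply), the function name and both sample transcripts are constructed, and only the standard FTP reply codes of RFC 959, RFC 2228 and RFC 4217 are assumed.

```python
import re

LOGIN_CMDS = {"USER", "PASS"}
DATA_CMDS = {"LIST", "NLST", "MLSD", "RETR", "STOR", "STOU", "APPE"}

def audit_ftps_transcript(text):
    """Return (line_no, finding) pairs; '> ' marks a command, '< ' a reply (assumed format)."""
    findings = []
    tls_on = prot_p = False          # control channel secured / data level is Private
    cmd, arg = None, ""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("> "):
            words = line[2:].split()
            cmd = words[0].upper() if words else None
            arg = words[1].upper() if len(words) > 1 else ""
            continue
        reply = re.match(r"< (\d)\d\d(?: |$)", line)
        if not reply or cmd is None:
            continue                 # greeting, continuation line, or noise
        first = reply.group(1)
        if cmd == "AUTH" and line.startswith("< 234"):
            tls_on, prot_p = True, False   # default data protection level is Clear
        elif cmd == "PROT" and first == "2":
            prot_p = arg == "P"
        elif cmd in LOGIN_CMDS and first in "23" and not tls_on:
            findings.append((no, f"{cmd} accepted before AUTH TLS"))
        elif cmd in DATA_CMDS and first == "1" and not (tls_on and prot_p):
            findings.append((no, f"{cmd} data connection opened without PROT P"))
    return findings

# Constructed sample logs: ENFORCED behaves as Mandatory/Mandatory, WEAK does not.
ENFORCED = "\n".join([
    "< 220 Service ready",
    "> USER alice", "< 530 Secure the session first",
    "> AUTH TLS", "< 234 Proceed with negotiation",
    "> USER alice", "< 331 Password required",
    "> PASS ***", "< 230 Logged in",
    "> LIST", "< 521 Data connection cannot be opened with this PROT setting",
    "> PROT P", "< 200 Protection level set to Private",
    "> LIST", "< 150 Opening data connection", "< 226 Transfer complete",
])
WEAK = "\n".join([
    "< 220 Service ready",
    "> USER alice", "< 331 Password required",
    "> PASS ***", "< 230 Logged in",
    "> AUTH TLS", "< 234 Proceed with negotiation",
    "> RETR report.csv", "< 150 Opening data connection", "< 226 Transfer complete",
])
```

An empty result means no login was accepted before AUTH TLS and no data connection was opened without PROT P in the logged session.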