KB Article #180157

CFTT47W warning message Cannot find SSL security profile

Problem

This warning message was not present in the previous version / level.

The transfer completes successfully.

What is the meaning of this new warning message?

How can this message be removed from the log?

Resolution

When the SSL field is set in CFTPART and the CFTSSL server exists, additional checks are done when the CFTPART is identified:

• Authentication level check required (CFTSSL command USERCID and VERIFY parameters)
• Check of the security algorithms supported (CFTSSL command CIPHLIST parameter)
• Client certificate DN check (CFTSSL command DNUSER parameter)
• DN check of the authority that issued the client certificate (CFTSSL command DNISSUER parameter)


If the CFTSSL server doesn't exist (this is the customer's case), the warning message "CFTT47W _ Cannot find SSL security profil" is logged.


If SSL is defined in the CFTPART object and no CFTSSL with type=server is defined, the warning message is logged when the CFTPART is identified for an incoming call, and no additional checks are done for the CFTPART (this is the meaning of the warning message). The transfer therefore continues without these checks and can succeed.


The warning message can be useful if the customer wants these checks to be performed. In that case, without the warning, a transfer that succeeds without any message could be considered a security failure.

Another solution would be to simply block the transfer, but this is not the choice made in the feature design.



If the customer doesn't want to log some messages, they can use an exclusion log filter.


Here is the explanation in the documentation:


https://docs.axway.com/bundle/TransferCFT_332_LocalAdministrationGuide_allOS_en_HTML5/page/Content/GUI/Monitoring/Create_exclusion_log_filter.htm


Creating an exclusion log filter:


Transfer CFT can filter log messages according to predefined filters to exclude certain types of messages.


Access the Unified Parameters uconf tool. Customize the uconf parameters to create the required filter pattern with one or more of the following characteristics:


cft.server.log.exclude_filters = ID1 ID2 ID3


Space separated list of filter identifiers


Only the log filters in the list are activated


cft.server.log.exclude_filters.ID.pattern=


The pattern matches a log message that is to be excluded from all logs (log output, log file and Sentinel)


cft.server.log.exclude_filters.ID.comment=


A free field that you can use to describe the filter


Example:
CFTUTIL UCONFSET ID=cft.server.log.exclude_filters, VALUE=cron_heartbeat

CFTUTIL UCONFSET ID=cft.server.log.exclude_filters.cron_heartbeat.pattern, VALUE=CFTS37*ID=HEARTBEAT*

CFTUTIL UCONFSET ID=cft.server.log.exclude_filters.cron_heartbeat.comment, VALUE="Excludes from the log all cronjob messages concerning the ID HEARTBEAT"
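
Since CFTT47W is the only sign that the SSL checks were skipped, it helps to confirm which messages a set of exclusion filters would hide before applying it. The Python below is an added example, not Axway code: it parses UCONFSET commands in the form shown above, keeps only the filters named in the activation list, and reports which of them would hide a given message ID. It assumes "*" in a pattern acts as a glob wildcard over the whole message; the filter IDs broad_cftt and unused and every log line except the CFTT47W text are constructed.

```python
import re
from fnmatch import fnmatchcase

PREFIX = "cft.server.log.exclude_filters"
UCONFSET = re.compile(r"UCONFSET\s+ID\s*=\s*(\S+?)\s*,\s*VALUE\s*=\s*(.+)$", re.I)

# Constructed commands: "broad_cftt" and "unused" are hypothetical filter IDs.
COMMANDS = [
    'CFTUTIL UCONFSET ID=cft.server.log.exclude_filters, VALUE="cron_heartbeat broad_cftt"',
    "CFTUTIL UCONFSET ID=cft.server.log.exclude_filters.cron_heartbeat.pattern, VALUE=CFTS37*ID=HEARTBEAT*",
    "CFTUTIL UCONFSET ID=cft.server.log.exclude_filters.broad_cftt.pattern, VALUE=CFTT*",
    "CFTUTIL UCONFSET ID=cft.server.log.exclude_filters.unused.pattern, VALUE=CFTT47W*",
]

# Constructed log lines; only the CFTT47W text is quoted from the article.
LOG = [
    "CFTT47W _ Cannot find SSL security profil",
    "CFTS37I constructed cron message ID=HEARTBEAT",
    "CFTT00X constructed placeholder for another transfer message",
]

def active_patterns(commands):
    """Map filter ID -> pattern, keeping only IDs named in the activation list."""
    settings = {}
    for cmd in commands:
        m = UCONFSET.search(cmd.strip())
        if m:
            settings[m.group(1)] = m.group(2).strip().strip('"')
    active = settings.get(PREFIX, "").split()
    return {fid: settings[f"{PREFIX}.{fid}.pattern"]
            for fid in active if f"{PREFIX}.{fid}.pattern" in settings}

def hidden_by(patterns, log_lines):
    """Map filter ID -> log lines its pattern would drop (assumed glob semantics)."""
    return {fid: [line for line in log_lines if fnmatchcase(line, pat)]
            for fid, pat in patterns.items()}

def filters_hiding(message_id, patterns, log_lines):
    """Filter IDs that would suppress any line starting with message_id."""
    hits = hidden_by(patterns, log_lines)
    return sorted(fid for fid, lines in hits.items()
                  if any(line.startswith(message_id) for line in lines))

if __name__ == "__main__":
    pats = active_patterns(COMMANDS)
    print("active filters:", pats)
    print("filters hiding CFTT47W:", filters_hiding("CFTT47W", pats, LOG))
```

Here the broad CFTT* filter hides the SSL warning as a side effect, while the narrower CFTT47W* filter has no effect because its ID is not in the activation list.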