Success
Manage your Success Plans and Engagements, gain key insights into your implementation journey, and collaborate with your CSMs
Customer Experience Accelerators
Accelerate your Purchase to Value by engaging with Informatica for Customer Success
My Engagements
All your Engagements at one place
 Communities
A collaborative platform to connect and grow with like-minded Informaticans across the globe
Product Communities
Connect and collaborate with Informatica experts and champions
Discussions
Have a question? Start a Discussion and get immediate answers you are looking for
User Groups
Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
Get Started
Community Guidelines
Knowledge Center
Troubleshooting documents, product guides, how to videos, best practices, and more
Knowledge Base
One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
Support TV
Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
Documentation
Information library of the latest product documents
Velocity (Best Practices)
Best practices and use cases from the Implementation team
 Learn
Rich resources to help you leverage full capabilities of our products
Trainings
Role-based training programs for the best ROI
Product Learning Paths
Free and unlimited modules based on your expertise level and journey
Certifications
Get certified on Informatica products. Free, Foundation, or Professional
Experience Lounge
Self-guided, intuitive experience platform for outcome-focused product capabilities and use cases
 Resources
Library of content to help you leverage the best of Informatica products
Tech Tuesdays Webinars
Most popular webinars on product architecture, best practices, and more
Support Documents
Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
SupportFlash
Monthly support newsletter
Product Availability Matrix
Product Availability Matrix statements of Informatica products
Product Lifecycle
End of Life statements of Informatica products
Pulse
Monitor the status of your Informatica services across regions
Events
Change Request Tracking
Marketplace
Trust Platform
English
  • B2B Data Exchange 10.5.0
  • All Products

Table of Contents

Search

  1. Preface
  2. Introduction
  3. Pre-Installation Notes
  4. Installation and Configuration
  5. Initial Configuration
  6. Enable Transport Layer Security version 1.3
  7. Customizing Installation Settings
  8. Product Administration
  9. Upgrade Overview
  10. Active-Passive: Backups and Replication
  11. Active-Active: Clustering and Automatic Failover
  12. Uninstalling Managed File Transfer

Informatica Managed File Transfer Installation Guide

Informatica Managed File Transfer Installation Guide

Back Next

Enable Transport Layer Security version 1.3

Enable Transport Layer Security version 1.3

Transfer Layer Security (TLS) version 1.3 provides several improvements over the earlier versions such as, simpler and faster TLS handshake, more secure cipher suites, and so on. Perform the following steps to enable TLSv1.3 on the
Managed File Transfer
 server:
  1. Download the latest available ZULU JDK version 1.8 and deploy it on the machine where the
    Managed File Transfer
     server was deployed.
  2. Replace the value of JAVA_HOME variable value with the JDK home path where the latest java was deployed (in
    setenv.sh/setenv.bat
     in
    <MFT_HOME>/server/tomcat/bin
    ). For example,
    JAVA_HOME="/root/jdk_1.8_u302/zulu8.56.0.21-ca-jdk8.0.302-linux_x64"
  3. Remove the comments to update the
    JAVA_OPTS
     variable value in
    setenv.sh/setenv.bat
     present in
    <MFT_HOME>/server/tomcat/bin
    .
    Uncomment the following line: 
    #rem uncomment below lines to use OpenJSSE instead of SunJSSE for TLSv1.3
 JAVA_OPTS="-XX:+UseOpenJSSE"
  4. Modify the
    server.xml
     file present in
    <MFT_HOME>/server/tomcat/conf
     location:
    1. Update sslEnabledProtocols value to TLSv1.3 in the Connector tag section for secure port.
    2. Ensure that the keystoreType value is "PKCS12".
    3. Update the keystoreProvider value from "SUNJSSE" to "OpenJSSE".
    For example: 
    <Connector name="secured" port="8002" protocol="HTTP/1.1"
                   SSLEnabled="true" enableLookups="false" disableUploadTimeout="true"
                   scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"
                                   sslEnabledProtocols="TLSv1.3"
                   algorithm="SunX509"
                   keystoreFile="/root/DXMFT_1050/MFT/server/userdata/keys/x509/sample-keystore.p12"
                   keystorePass="default" keystoreType="PKCS12" keyAlias="sample-key"
                                   keystoreProvider="OpenJSSE"
                   truststoreFile="/root/DXMFT_1050/MFT/server/userdata/keys/x509/trustedCertificates.jks"
                   truststorePass="default" truststoreType="JKS"
                   truststoreProvider="SUN"/>
  5. To start the HTTPS service with TLSv1.3, update the
    https.xml
     file present in
    <MFT_HOME>/config
     location, with the following values:
    1. Update sslEnabledProtocols value to TLSv1.3.
    2. Update the keystoreProvider value from "SUNJSSE" to "OpenJSSE".
0 COMMENTS
We’d like to hear from you!