Setting up FTP

Set up FTP to allow access to the usercode from Builder. Use the following SYSTEM/ MAKEUSER +RU commands:

+RU *ANYUSER OF *IPADDRESS nnn[.nnn[.nnn[.nnn]]]
+RU usercode OF *IPADDRESS nnn[.nnn[.nnn[.nnn]]]

Where nnn[.nnn[.nnn[.nnn]]] contains the required IP address nodes.

Perform the following to use Secure FTP (TLS 1.2) for the file transfer from the PC to the MCP host:

  1. Create the TLS certificate request on the MCP host machine:

    1. Ensure that the Security Center is installed on the host and in a PC environment.

      Refer to the MCP Security Overview and Implementation Guide for more information.

    2. To open the Security Center, select All Programs > Unisys MCP > Security Center.

    3. Select MCP Cryptographic Services Manager > Trusted Keys.

    4. Right-click on WebTS Keys and then select Create Key.

    5. Set the Service name to FTPTLS.

    6. Set the Usercode to *NULL and key strength to at least 2048.

    7. Select the Create Certificate Request check box, and then fill in the remaining fields with the appropriate details (for example, Signature Algorithm is SHA256_RSA). Refer to the Developer Online Help for more information.

    8. Click OK.

      The Save dialog box is displayed.

    9. Enter the file name and then click Save.

      This creates a certificate request file (.req).

      Note: It is recommended that this certificate request file be processed by a trusted third-party Certificate Authority (CA).

  2. After the .certificate request (.req) has been processed by the CA, import the resulting security certificate

    1. Open the Security Center.

    2. Select MCP Cryptographic Services Manager > Trusted Keys.

      Expand the key store to where your key was created (WebTS Keys).

    3. Right-click on your key, and then select Options > Install Certificate Into Set.

    4. In the File Browser, select the appropriate .P7B or .P7C file.

      When the certificate has been successfully, a green check mark appears next to the name of the certificate.

      Note: If you are using a non-trusted CA, the newly created .P7B or .P7C file is now ready for installing or importing on the client. The same process must be followed if you are using a self-signed certificate.

  3. From MARC, enable SSL on TCPIP: NW TCPIP OPT + SSL % to ensure SSL lib is active.

  4. Configure the FTP properties in the FTP configuration file — 

    *SYSTEM/FTP/SUPPORT/CONFIGURATION

    1. Apply these changes to the FTP configuration file: 

      (1)	AUTHMODE = SSL
      (2)	SSLMODE = IMPLICIT
      (3)	SSL_SERVICENAME = “FTPTLS”  %your WebTS Key name from above
      (4)	INITIATE_SSL_SERVER = 1
      (5)	CLIENT_CERTIFICATES = NONE

    2. Save the updated FTP configuration file.

    3. Restart FTP

      From MARC, 

      NA FTP -

      followed by 

      NA FTP +

Refer to the MCP Security Overview and Implementation Guide and TCP/IP Distributed Systems Services Operations Guide for more information on MCP security.

Refer to Installing Windows TLS Certificate for instructions on importing the FTP certificate into the Windows Trusted store.