SFTPPlus

Articles and news

Endpoint FTPS and SFTP server for DWP GFTS

Tue 02 April 2019 | blog

A red floppy disk.

The electronic data interchange (EDI) of the Department for Work and Pensions (DWP) in the United Kingdom is done via the Generic File Transfer Service (GFTS) gateway.

This article is aimed at companies which need to exchange files and data with the DWP. These entities are referred by DWP as creditor server or endpoint FTPS server.

The information is also valid for the E-Transfer systems used by local councils.

In practice, this means that as a partner to DWP you will have to set up and host an Explicit FTPS server. DWP is operating an FTPS client and actively pushes data to you.

Electronic data interchange (EDI) is the concept of electronically communicating information that was traditionally communicated on paper, such as purchase orders and invoices.

Connection Security

The connection between your company and DWP is secured using certificate-based mutual TLS authentication (mTLS) (also referred to as two-way authentication). DWP will provide the SSL certificate used by their client, while your company will have to provide the SSL certificate used by your FTPS server.

With SFTPPlus you can use a certificate generated by any certificate authority (public or your private CA).

Integration with the Let's Encrypt Certificate Authority is provided via the HTTP-01 challenge. SFTPPlus can seamlessly obtain and use a certificate from the Let's Encrypt CA. The certificate is automatically renewed.

On top of the security provided by the TLS/SSL layer, username/password credentials are used to identify the requests from DWP.

SFTPPlus can support a multi-channel architecture, allowing you to use the same SFTPPlus server for exchanging files with multiple partners, not only with DWP.

Read more about securing FTPS server with SFTPPlus in our dedicated documentation page.

Client / Server Data Exchange

FTPS is an open standard file transfer protocol built on a client-server model architecture.

The client is the active component which controls when and what type of file transfer operation to perform. The client generates an authenticated connection to the server and ask the server to push or pull files. DWP will act as a client.

The server is the reactive component which controls who can perform file transfer operations and what kind of file operations are allowed. The server stays idle and only becomes active once it receives a connection from the client. Your system will act as a server.

Once the data is pushed by DWP, it will reside as files on your system. From there it will be further processed and consumed by your business system.

ProAtria DWP Expertise

ProAtria, the developer of SFTPPlus, is a long-term partner for the project deployed at DWP. We have helped with the migration from insecure FTP to Explicit and Implicit FTPS systems and with the migration from legacy Solaris-based systems to a modern Linux-based cloud infrastructure.

We are involved in the delivery and maintenance of the Digital Children’s Platform (DOS 012) and the data exchange between DWP and the Scottish Government.

We offer broad expertise into the data exchange with DWP and DVLA. Our customers benefit of help and consultancy for their DWP and DVLA related projects without any additional cost.

A server rack.

SFTPPlus MFT bewerten

Die in diesem Artikel aufgeführten Funktionen sind nur einige ausgewählte Funktionen aus vielen heute verfügbaren Integrations- und Konfigurationsoptionen. Sprechen Sie mit dem Support-Team über Ihre Anforderungen an die Datenaustausch-Software.

SFTPPlus MFT Server unterstützt FTP, Explizites FTPS, Implizites FTPS, SFTP, SCP, HTTP und HTTPS.

SFTPPlus MFT ist als On-Premise-Lösung erhältlich, die auf Windows, Linux und macOS unterstützt wird.

Es ist auch in der Cloud als Docker-Container, AWS- oder Azure-Instanzen und viele andere Cloud-Anbieter verfügbar.

Fordern Sie mit dem unten stehenden Formular eine Testversion an.

• • •

SFTPPlus Release 3.46.0

Mon 11 March 2019 | general release

We are announcing the latest release of SFTPPlus version 3.46.0.

New Features

  • The HTTP/HTTPS file transfer service now supports downloading multiple files at once as a Zip file. [server-side][web-api][http][https] [#5093]
  • It is now possible to set up password expiration for accounts and groups. [server-side][security] [#5146]
  • It is now possible to configure the preferred size of the group in the SSH Diffie-Hellman group key exchange method. [server-side][sftp][scp] [#5205]
  • The file dispatcher event handler now supports the copy action. This will copy the source file to one or more destinations, without removing the source file. [server-side][client-side] [#5210]
  • The file dispatcher event handler now supports the rename action. This will rename the source file (with an atomic move operation) without overwriting an existing file. [server-side][client-side] [#5220]

Defect Fixes

  • An event is now emitted when a file is closed after it was open for reading through the HTTP file transfer service. [server-side][http][https] [#5093]
  • The HTTP/HTTPS file transfer service now responds with 401 Unauthorized for requests made with 100 Continue when no credentials are provided in the request. [server-side][http][https] [#5223]

You can check the full release notes here.

• • •

SFTPPlus Release 3.45.0

Thu 14 February 2019 | general release

We are announcing the latest release of SFTPPlus version 3.45.0.

New Features

  • It is now possible for SFTP/SCP clients to change their own password using the SSH command execution service. [server-side][sftp][scp] [#5129]
  • It is now possible to transfer files using temporary names, renaming to their initial names once successfully transferred. [client-side] [#5156]
  • Events emitted when a file is closed after a server-side SFTP or SCP transfer now include transferred size, duration, and average speed. [server-side][scp][sftp] [#5196]
  • You can now configure an account to allow authentication only from a specific list of source IP addresses. [server-side][security] [#5201]

Defect Fixes

  • The SFTP/SCP file transfer service no longer generates an internal server error when the SCP protocol is requested as an SSH subsystem. [server-side][scp] [#5129]
  • For move transfers, the removal of the source file is now retried when the operation fails. In previous versions, once the file was transferred, the source removal was attempted only once. [client-side] [#5156-1]
  • The transfer of a file is now retried when the operation to check the existence of the remote file fails. [client-side] [#5156]
  • For the SCP protocol, the event with ID 30042 is no longer emitted when the client is sending the whole file without an end of file marker. In previous versions, if the SCP client uploaded all the file data, but did not send the explicit confirmation for the end of file or stream, SFTPPlus was emitting the event 30042 to inform that the transfer was not complete. [server-side][scp] [#5196]

Deprecations and Removals

  • The events emitted for rename operations now have the destination path as the default path attribute. In previous versions the source path was used. The from attribute will contain the source path. The following event IDs are affected: 60043, 60044, 30025, 30026, 30027 [server-side][client-side] [#5156]
  • Support for FreeBSD 10.x on X86_64 was removed. [#5170]

You can check the full release notes here.

• • •

Get email notifications from your FTP and SFTP servers

Thu 31 January 2019 | article

Introduction

Email notification article banner

SFTPlus can connect to any STMP servers and deliver emails based on the activity, actions and events triggered by a file transfer.

With SFTPPlus you can configure the list of recipients (with CC and BCC), email subject and email body.

The email notification can be use for FTPS or SFTP server monitoring and reporting, or just for critical failure/error conditions.

For example, you can trigger an email notification, whenever a SFTP file upload fails on your file transfer service. In this way, you can automatically monitor the server for new files and be notified when you got new files which failed to be fully uploaded.

Operation principles

An Email client resource is created inside the SFTPPlus configuration in order to define the STMP server address, port and credentials.

For each type / category of email notifications, create a separate Send as email event handlers.

Each event handler has a set of filters which determined the condition under which the emails are triggered. For example, you can trigger on all file upload to your site, or only on uploads from a certain user.

Multiple event handlers can use a single email client resource to deliver the emails.

Integration with Email Delivery Services

Using the standard STMP protocol, SFTPPlus can send email alerts using any of the cloud based email delivery services.

If your SFTP server is hosted with Azure, you might want to use the Sendgrid service. For FTP servers hosted with Amazon EC2 you might want to use the Amazon SES service.

Note that for Amazon EC2, port 25 is throttled. You should use port 587 instead.

Check our dedicated documentation page to see how to configure email alerts in SFTPPlus.

This resource is written as of SFTPPlus version 3.44.0.

SFTPPlus MFT bewerten

Die in diesem Artikel aufgeführten Funktionen sind nur einige ausgewählte Funktionen aus vielen heute verfügbaren Integrations- und Konfigurationsoptionen. Sprechen Sie mit dem Support-Team über Ihre Anforderungen an die Datenaustausch-Software.

SFTPPlus MFT Server unterstützt FTP, Explizites FTPS, Implizites FTPS, SFTP, SCP, HTTP und HTTPS.

SFTPPlus MFT ist als On-Premise-Lösung erhältlich, die auf Windows, Linux und macOS unterstützt wird.

Es ist auch in der Cloud als Docker-Container, AWS- oder Azure-Instanzen und viele andere Cloud-Anbieter verfügbar.

Fordern Sie mit dem unten stehenden Formular eine Testversion an.

Email Alerts Services That You Should Use image used in this article was created by Amit Agarwal and is licensed under CC BY 2.0 / Cropped from original.

• • •

SFTPPlus Release 3.44.0

Thu 24 January 2019 | general release

We are announcing the latest release of SFTPPlus version 3.44.0.

New Features

  • It is now possible to configure the name associated to the sender email address in the email client resource. [#3069]
  • It is now possible for file transfer users to change the password associated with their accounts via the HTTP / HTTPS protocols. [server-side][http][https] [#5128]
  • It is now possible to configure an email sender event handler with CC and BCC fields. [#5158]
  • It is now possible to monitor OS resources used by SFTPPlus, and trigger an event when their usage hits certain configurable limits. This feature is not available on HP-UX, Windows XP and Windows Server 2003. [#5175]
  • Alpine Linux 3.7 on X86_64 is now a supported platform. [#5179]
  • It is now possible to schedule a transfer based on week days. [client-side][#5184]

Defect Fixes

  • The HTTP/HTTPS file transfer service login page is now accessible in HTML format for Internet Explorer in compatibility mode. [http][https][server-side] [#5188]

Deprecations and Removals

  • The URL of the login page used by the HTTP/HTTPS file transfer service was moved from /login to /__chsps__/login. [server-side][http][https] [#5128]
  • Support for Alpine Linux 3.6 on X86_64 was removed. [#5179]
  • Event with ID 60019 emitted when a transfer has invalid schedule configuration was removed and replaced with the generic event ID. [#5184]
  • The HTTP/HTTPS file transfer API now requires an explicit Accept: application/json header in order to use the JSON variant of the API. Otherwise, it will default to the HTML/WebDAV variant. [http][https][api][server-side] [#5188]

You can check the full release notes here.

• • •
← Previous Page | Next Page →