Configuring sFTP Remote Target in Oracle MFT using key based authentication – SOA Suite 12c

In this post we will see how to configure SFTP target in oracle MFT console using public and private key pair based authentication.

For achieving this we have to follow the below steps.

STEP 1–>

Generate public and private key pair on the SFTP machine and copy the public to oracle MFT server.

We will generate these keys using SSH-KEYGEN utility and copy the .pub file to MFT server.

Command # ssh-keygen \-t rsa \-b 2048

STEP 2–>

Generate public and private key pair in the MFT server.

We will generate these keys using SSH-KEYGEN utility.

Command # ssh-keygen \-t rsa \-b 2048

STEP 3–>

Now we have to import the private key from MFT machine to MFT server keystore.

For doing this we are using wlst script.

login in your mft server.

login as: testuser

Using keyboard-interactive authentication.

Password:

#######################################

testuser@localhost:~$ pwd

/export/home/testuser

testuser@localhost:~$ cd /OracleSOA12.2.1/mft/common/bin

testuser@localhost:~$ wlst.sh (in windows machine its wlst.cmd)

Initializing WebLogic Scripting Tool (WLST) …

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

wls:/offline> connect(“weblogic”,”weblogic″,”t3://localhost:9003″)
Connecting to t3://localhost:9003 with userid weblogic …
Successfully connected to managed Server “mft_server1” that belongs to domain “fmw_domain”.

Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.

wls:/fmw_domain/serverConfig> importCSFKey(‘SSH’, ‘PRIVATE’, ‘MFTAlias’, ‘/home/oracle/.ssh/sftplocalmft’)
CSF key imported successfully.
wls:/fmw_domain/serverConfig> listCSFKeyAliases(‘SSH’, ‘PRIVATE’)
Key Details
————————————————————————–
‘MFTAlias’, Format PKCS#8, RSA

STEP 4–>

Now we have to import the public key of remote SFTP host to MFT server.

wls:/fmw_domain/serverConfig> importCSFKey(‘SSH’, ‘PUBLIC’, ‘MFT_RemotePub’, ‘/home/oracle/.ssh/authorized_keys’)
CSF key imported successfully.
wls:/fmw_domain/serverConfig> listCSFKeyAliases(‘SSH’, ‘PUBLIC’)
Key Details
————————————————————————–
‘MFT_ RemotePub’, Format X.509, RSA

wls:/fmw_domain/serverConfig> exit

Exiting WebLogic Scripting Tool.

STEP 5–>

Now we have to configure the Keystore in MFT console with the private alias we have created in above steps.

Login to MFT console and click on Administration tab.

On the left hand side you will see “keystores”, click on it to configure your keystore.

Provide the key store password for “default keystore” and “SSH     Keystore”.

mftkeystore1

Now we have to save the changes by clicking “SAVE” button.

STEP 6 –>

Create a target in your MFT console for SFTP remote directory.

Go to design view and click on Targets , it will open a new window .

Provide the name , type as sFTP Remote, host name (Remote sftp server host), folder (Remote sftp server directory), User (Remote SFTP user), Authentication as “PublicKey” and Private Key (it will show you the private key which we imported in STEP 3 ).

mftkeystore2

Click on OK. That’s it you are done with configuring SFTP Remote target in your MFT console.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s