Hi Chandru,
Yes, I tried but no matter which EXTENSIONS I add to the ftp.data I receive:
EZYFT47I dd:SYSFTPD=(MY FTP DATA FILE) file, line 51: Ignoring keyword "keyword "EXTENSIONS".
The same with SECURE_LOGIN Required:
EZYFT47I dd:SYSFTPD=(MY FTP DATA FILE) file, line 55: Ignoring keyword "SECURE_LOGIN".
I think that the fact I am using TLSMECHANISM ATTLS it is ignoring it.
Here are some of my ftp data settings:
SECURE_DATACONN Private
SECURE_FTP Required
EXTENSIONS AUTH_TLS
SECURE_LOGIN Required
SECURE_MECHANISM TLS
SECUREIMPlicitzos False
TLSMECHANISM ATTLS
I am getting the full TLS handshake still before this:
220 Workload Automation Agent FTP server ready
GU5348 ftpSetApplData: entered
FC0272 ftpAuth: security values: mech=TLS, tlsmech=ATTLS, tlsreuse=N, sFTP=R, sCC=C, sDC=P
FC2912 ftpAuthAttls: AT-TLS policy set as application controlled.
FU2210 TTLSRule: FTP-Client-Port2021~1
FU2216 TTLSGroupAction: gAct1~FTP-Client
FU2222 TTLSEnvironmentAction: eAct1~FTP-Client
FU2229 TTLSConnectionACtion: cAct1~FTP-Client
EZA1701I >>> AUTH TLS
234 AUTH command OK. Initializing SSL connection.
FC3071 authServerAttls: Start Handshake
FC3102 authServerAttls: FIPS140 not enabled
FC3126 authServerAttls: Using TLSv1.2 protocol
FC3137 authServerAttls: SSL cipher: 0035
FU1925 getCtrlConnCertAttls: Request certificate, size 1701
FU2523 getSessionIdAttls: Issuing SIOCTTLSCTL to get decoded AT-TLS Session ID
EZA2895I Authentication negotiation succeeded
Only after this I am getting the
FC1969 setdlevel: entered
FC2138 setpbsz: entered
EZA1701I >>> PBSZ 0
200 PBSZ command OK. Protection buffer size set to 0.
EZA1701I >>> PROT P
530 Not logged in.
FC2092 SETCEC code = 17
EZA2904I Cannot set protection level to private
EZA2906I Data connection protection is clear
EZA2921I Unable to set data connection protection to required level private