FWFRIENDLY TRUE ; Data connections are set up from the FTP client CLIENTERRCODES EXTENDED ; FTP RC are to be converted to client error codes. DEBUG SEC ; Activate a specific trace type ; SEC = trace shows the processing of security ; security functions such as TLS and GSSAPI ; ALL = set all of the trace points PASSIVEIGNOREADDR TRUE ; FTP client ignore IP address returned from server ; TRUE=specifies that the FTP client uses the port ; from the PASV command EPSV4 TRUE ; Directs the client to use EPRT and EPSV commands on ; on IPv4 sessions. ; Guideline: If your client has trouble establishing ; a data connection on an IPv4 security protected, ; encrypted session through an NAT firewall, coding ; EPSV4 TRUE in the client's FTP.DATA can can help. SECUREIMPLICITZOS FALSE ; When to negotiate or expect security handshake ; FALSE=FTP client security handshake immediately ; after the connection and before the initial ; 220 reply is received from the server. SECURE_FTP REQUIRED ; Whether security mechanism is optional or required ; Unable to specify PRIVATE - ALLOWED REQUIRED OK ; PRIVATE = indicates a security mechanism is ; required and the FTP client will allow only ; secure traffic. ; ALLOWED = Allow the client to log in using a ; security mechanism, but it is not required. ; REQUIRED = Specify that a client log in must use a ; security mechanism. If the server does not ; support the client's security mechanism, the ; login fails and the client cannot log in. SECURE_MECHANISM TLS ;Name of the security mechanism that the client uses ; uses when it sends an AUTH command to the server. TLSMECHANISM FTP ; FTP = Specifies that secure mechanism TLS is ; defined by FTP. ; ATTLS = Specifies that secure mechanism TLS is ; performed by AT-TLS. ;FC2905 ftpAuthAttls: AT-TLS not enabled on TCPCONFIG ;EXTENSIONS AUTH_TLS ; Specifies that TLS authentication is supported. TLSRFCLEVEL CCCNONOTIFY ; CCCNONOTIFY = Specifies that FTP does not issue ; the TLSshutdown after sending Specifies that ; FTP does not issue the TLSshutdown after ; sending or receiving the CCC command. SECURE_DATACONN PRIVATE ; SECURITY LEVEL USED ON DATA CONNECTIONS. ; PRIVATE = Indicates the client requires ; data to be transferred enciphered. ; NEVER = data to be transferred raw with no cipher SECURE_CTRLCONN PRIVATE ; SECURITY LEVEL FOR A CONTROL CONNECTION. ; PRIVATE = Client data is transferred both ; integrity and privacy protected. ; CLEAR = Data can be transferred raw SECURE_HOSTNAME REQUIRED ; Authentication of hostname in the server ; certificate is required. KEYRING *AUTH*/* ; Specify a keyring of *AUTH*/* to use the CERTAUTH ; virtual keyring. ; Use the KEYRING statement to define the key ring ; that contains the certificate used during the TLS ; handshake. ; SECURE_SESSION_REUSE REQUIRED ; To require session reuse for the server when ; SSL/TLS is used to protect the connections, code ; the following statement: ; --------------------------------------------------------------------- ; ; 8. Timers ; ; --------------------------------------------------------------------- ;CCONNTIME 30 ; Timeout value for successful ; close of control connection. ; Default value is 30 seconds. ; Valid range is 15 through 86400. ; 0 = do not timeout ;DATACTTIME 120 ; Timeout for send/receive data ; operations. ; Default value is 120 seconds. ; Valid range is 15 through 86400. ; 0 = do not timeout ;DATAKEEPALIVE 0 ; (S) Keepalive packets are sent ; after the data connection is ; idle for the specified number ; of seconds on the data ; connection. ; 0 seconds (D) ; 0 = use keepalive interval ; configured in the PROFILE.TCPIP ; for passive mode and no keepalive ; packets for active mode ; Valid range is 60 - 86400 ;DCONNTIME 120 ; Timeout value for successful ; close of data connection. ; Default value is 120 seconds. ; Valid range is 15 through 86400. ; 0 = do not timeout ;DSWAITTIME 0 ; (S) The approximate number of ; minutes ftp waits when trying ; to access an MVS data set. ; Default is 0 minutes ; 0 (D) ; Valid range is 0 - 14400 ;FTPKEEPALIVE 0 ; Keepalive packets are sent after ; the control connection is ; idle for the specified number ; of seconds ; Default is 0 seconds ; 0 = do not send keepalive packets ; Valid range is 60 - 86400 ;INACTTIME 120 ; The time in seconds to wait for ; an expected response from the ; server. ; Default value is 120 seconds. ; Valid range is 15 through 86400. ; 0 = do not timeout ;MYOPENTIME 60 ; Connection timeout value in ; seconds. ; Default value is 60 seconds. ; Valid range is 15 through 86400. ; 0 = do not timeout ;PROGRESS 10 ; Time interval in seconds between ; progress updates for file ; transfers. Default is 10 seconds ; Valid range is 10 through 86400, ; or 0 to request no updates.