Hitachi

uCosminexus Service Platform Reference Guide


6.16.1 SFTP-adapter runtime-environment properties file

(1) Format

[sftpadp.host-ipaddr=IP-address-or-host-name-of-SFTP-server-to-be-connected-to]
[sftpadp.host-con-port=port-number-of-SFTP-server-to-be-connected-to]
[sftpadp.user=login-user-name-of-SFTP-server-to-be-connected-to]
 
[sftpadp.client-ipaddr=IP-address-of-HCSC-server]
[sftpadp.client-port.min=minimum-value-for-the-range-of-port-numbers-to-establish-session]
[sftpadp.client-port.max=maximum-value-for-the-range-of-port-numbers-to-establish-session]
 
[sftpadp.data-compression={true|false}]
[sftpadp.strict-hostkey-checking={true|false}]
[sftpadp.host-auth-inf-filepath=absolute-path-for-host-public-key-file]
[sftpadp.user-auth-type={password|publickey}]
[sftpadp.password-auth-info=user-name-for-password-authentication]
[sftpadp.password-auth-inf-filepath=absolute-path-of-password-authentication-information-definition-file]
[sftpadp.publickey-auth-info=authentication-information-ID-used-for-public-key-authentication]
[sftpadp.publickey-auth-inf-filepath=absolute-path-of-public-key-authentication-information-definition-file]
[sftpadp.kex-exchange.algorithm=priority-of-key-exchange-method-used-for-encrypted-communication]
[sftpadp.common-key.cryptosystem.c2s=priority-of-common-key-cryptography-method-(client-to-server-communication)]
[sftpadp.common-key.cryptosystem.s2c=priority-of-common-key-cryptography-method-(server-to-client-communication)]
[sftpadp.message-authentication-code.c2s=priority-of-message-authentication-encoding-method-(client-to-server-communication)]
[sftpadp.message-authentication-code.s2c=priority-of-message-authentication-encoding-method-(server-to-client-communication)]
[sftpadp.host-key.algorithm=priority-of-host-authentication-method]
[sftpadp.data-compression.algorithm.c2s=priority-of-data-compression-algorithm-(client-to-server-communication)]
[sftpadp.data-compression.algorithm.s2c=priority-of-data-compression-algorithm-(server-to-client-communication)]
 
[sftpadp.session.timeout=timeout-value-for-session-connection-processing]
[sftpadp.session-con.retry.count=retry-count-when-session-cannot-be-established]
[sftpadp.session-con.retry.interval=retry-interval-when-session-cannot-be-established]
 
[sftpadp.read-lock.retry.count=retry-count-when-shared-lock-of-common-folder-fails]
[sftpadp.read-lock.retry.interval=retry-interval-when-shared-lock-of-common-folder-fails]
[sftpadp.write-lock.retry.count=retry-count-when-dedicated-lock-of-common-folder-fails]
[sftpadp.write-lock.retry.interval=retry-interval-when-dedicated-lock-of-common-folder-fails]
 
[sftpadp.data-read.timeout=time-for-monitoring-response-from-SFTP-server]
 
[sftpadp.methodtrace.level={1|2|3|4|5}]
[sftpadp.methodtrace.filenum=number-of-maintenance-log-files]
[sftpadp.methodtrace.filesize=maximum-size-of-one-maintenance-log-file]
 
[sftpadp.exptrace.filenum=number-of-exception-log-files]
[sftpadp.exptrace.filesize=maximum-size-of-one-exception-log-file]
 
[sftpadp.sftpprotocoltrace.filenum=number-of-SFTP-protocol-trace-files]
[sftpadp.sftpprotocoltrace.filesize=maximum-size-of-one-SFTP-protocol-trace-file]

(2) Function

Specifies the configuration information for each SFTP adapter.

There are two types of SFTP-adapter runtime-environment properties files: the individual definition file specified for each SFTP adapter, and the common definition file that is applied to all SFTP adapters. An SFTP-adapter runtime-environment properties file that is applied to all SFTP adapters is referred to as an SFTP-adapter runtime-environment common properties file.

If both the SFTP-adapter runtime-environment properties file and the SFTP-adapter runtime-environment common properties file are specified, the definitions in the two files are merged. If the same property is specified in both files, the value in the individual SFTP-adapter runtime-environment properties file takes effect.

To create an SFTP-adapter runtime-environment properties file:

  1. Define the SFTP-adapter runtime-environment properties file based on the following template file:

    service-platform-installation-directory\CSC\custom-adapter\SFTP\config\templates\adpsftp.properties
  2. Store the edited SFTP-adapter runtime-environment properties file with the following file name:

    service-platform-installation-directory\CSC\custom-adapter\SFTP\config\service-ID.properties
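
The merge rule above, together with the cross-property rules from (3)(b) and (3)(c) on this page, as an added Python example (not Hitachi code). The parser is a simplified key=value reader, and the sample file contents and paths are constructed.

```python
# Added example. Simplified .properties parsing: no escapes, no line continuations.
COMMON = """\
# constructed sample: common properties file
sftpadp.strict-hostkey-checking=true
sftpadp.host-auth-inf-filepath=C:/sample/keys/sftp_host.pub
sftpadp.user-auth-type=publickey
sftpadp.publickey-auth-inf-filepath=C:/sample/keys/publickey-auth.def
sftpadp.client-port.min=20000
sftpadp.client-port.max=20100
"""
INDIVIDUAL = """\
# constructed sample: service-ID.properties overriding the common file
sftpadp.strict-hostkey-checking=false
sftpadp.user-auth-type=password
sftpadp.client-port.max=10000
"""


def parse_props(text):
    """Parse key=value lines; lines starting with '#' or '!' are comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip()
    return props


def effective_props(common_text, individual_text):
    """Merge both files; the individual file wins when a property is in both."""
    merged = parse_props(common_text)
    merged.update(parse_props(individual_text))
    return merged


def port(value):
    """Return the port as an int, or None if it is not a plain number."""
    return int(value) if value.isascii() and value.isdigit() else None


def check(props):
    """Return findings for the pairing rules described on this page."""
    findings = []
    lo = props.get("sftpadp.client-port.min")
    hi = props.get("sftpadp.client-port.max")
    if (lo is None) != (hi is None):
        findings.append("client-port: min and max must be specified as a pair")
    elif lo is not None:
        lo_n, hi_n = port(lo), port(hi)
        if None in (lo_n, hi_n) or not all(1024 <= p <= 65535 for p in (lo_n, hi_n)):
            findings.append("client-port: values must be numbers from 1024 to 65535")
        elif lo_n > hi_n:
            findings.append("client-port: min is greater than max")

    # The documented default for strict-hostkey-checking is false.
    if props.get("sftpadp.strict-hostkey-checking", "false") != "true":
        findings.append("strict-hostkey-checking: strict host key check will not be performed")
    elif "sftpadp.host-auth-inf-filepath" not in props:
        findings.append("strict-hostkey-checking=true requires sftpadp.host-auth-inf-filepath")

    needed = {"password": "sftpadp.password-auth-inf-filepath",
              "publickey": "sftpadp.publickey-auth-inf-filepath"}
    auth = props.get("sftpadp.user-auth-type")
    if auth is not None and auth not in needed:
        findings.append("user-auth-type must be password or publickey")
    elif auth in needed and needed[auth] not in props:
        findings.append(f"user-auth-type={auth} requires {needed[auth]}")
    return findings


if __name__ == "__main__":
    for finding in check(effective_props(COMMON, INDIVIDUAL)):
        print(finding)
```

The check covers only the merged files. The request-message elements described on this page (for example strict-hostkey-checking) take priority over these properties, so a value that passes here can still be overridden per request.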

(3) Specifiable properties

(a) Server information

sftpadp.host-ipaddr=IP-address-or-host-name-of-SFTP-server-to-be-connected-to

Specifies the IP address or host name of the SFTP server to connect to. You can specify the IP address by using the IPv4 dot notation or the IPv6 colon notation.

If both the host-ipaddr element of a request message and this property are specified, the value specified for the host-ipaddr element takes priority. If neither of them is specified, the request processing causes an error. For details about the host-ipaddr element, see the manual Service Platform Reception and Adapter Definition Guide.

sftpadp.host-con-port=port-number-of-SFTP-server-to-be-connected-to ~ <Numeric character> ((1 to 65535))

Specifies the port number of the SFTP server to connect to.

If both the host-con-port element of a request message and this property are specified, the value specified for the host-con-port element takes priority. If neither of them is specified, the request processing causes an error. For details about the host-con-port element, see the manual Service Platform Reception and Adapter Definition Guide.

sftpadp.user=login-user-name-of-SFTP-server-to-be-connected-to ~ <Character string> ((1 to 80 characters))

Specifies the login user name for the SFTP server to connect to.

You can specify halfwidth alphanumeric characters, halfwidth symbols (0x21 to 0x7E in ASCII encoding), and halfwidth spaces (0x20 in ASCII encoding). The characters are case sensitive. You can use the following halfwidth symbols:

  • Exclamation mark (!)

  • Double quotation mark (")

  • Hash mark (#)

  • Dollar sign ($)

  • Percent sign (%)

  • Ampersand (&)

  • Apostrophe mark (')

  • Left parenthesis (()

  • Right parenthesis ())

  • Asterisk (*)

  • Plus sign (+)

  • Comma (,)

  • Hyphen (-)

  • Period (.)

  • Forward slash (/)

  • Colon (:)

  • Semicolon (;)

  • Left angle bracket (<)

  • Right angle bracket (>)

  • Equal sign (=)

  • Question mark (?)

  • At mark (@)

  • Left square bracket ([)

  • Right square bracket (])

  • Yen sign (\)

  • Caret (^)

  • Underscore (_)

  • Grave accent mark (`)

  • Left curly bracket ({)

  • Right curly bracket (})

  • Vertical bar (|)

  • Swung dash (~)

The login user to be specified must have the permissions to execute file operations.

If both the sftp-user element of a request message and this property are specified, the value specified for the sftp-user element takes priority. If neither of them is specified, the request processing causes an error. For details about the sftp-user element, see the manual Service Platform Reception and Adapter Definition Guide.

(b) Associated with client information

sftpadp.client-ipaddr=IP-address-of-HCSC-server

Specifies the IP address of the HCSC server. You can specify the IP address by using the IPv4 dot notation or the IPv6 colon notation.

If the specified IP address is invalid, a system exception occurs. If you omit this property, the system automatically assigns an IP address.

sftpadp.client-port.min=minimum-value-for-the-range-of-port-numbers-to-establish-session ~ <Numeric character> ((1024 to 65535))

Specifies the minimum value for the range of port numbers on which the SFTP adapter establishes a session. This property must be specified together with the sftpadp.client-port.max property, which specifies the maximum value of the range. If you omit both of these properties, the system automatically assigns a port number.

In the following cases, an error occurs when the SFTP adapter starts:

  • A value greater than the maximum value of the range of port numbers (specified for the sftpadp.client-port.max property) is specified.

  • Only one of the sftpadp.client-port.min property and the sftpadp.client-port.max property is specified.

sftpadp.client-port.max=maximum-value-for-the-range-of-port-numbers-to-establish-session ~ <Numeric character> ((1024 to 65535))

Specifies the maximum value for the range of port numbers on which the SFTP adapter establishes a session. This property must be specified together with the sftpadp.client-port.min property, which specifies the minimum value of the range. If you omit both of these properties, the system automatically assigns a port number.

In the following cases, an error occurs when the SFTP adapter starts:

  • A value smaller than the minimum value of the range of port numbers (specified for the sftpadp.client-port.min property) is specified.

  • Only one of the sftpadp.client-port.min property and the sftpadp.client-port.max property is specified.

(c) SFTP settings

sftpadp.data-compression={true|false} ~ <<false>>

Specifies whether to compress the data to be transmitted.

  • true

    The data to be transmitted will be compressed.

  • false

    The data to be transmitted will not be compressed.

If both the data-compression element of a request message and this property are specified, the value specified for the data-compression element takes priority. If neither of them is specified, the default value is applied. For details about the data-compression element, see the manual Service Platform Reception and Adapter Definition Guide.

sftpadp.strict-hostkey-checking={true|false} ~ <<false>>

Specifies whether to perform the strict host key check during host authentication.

  • true

    The strict host key check will be performed.

    The host key received from the SFTP server is compared with the host key in the file specified for the sftpadp.host-auth-inf-filepath property to verify that the server is the intended connection target. If the host key does not exist or has been changed, an error occurs.

    Because host authentication uses the host public key file, you must specify the absolute path of the host public key file for the sftpadp.host-auth-inf-filepath property.

  • false

    The strict host key check will not be performed.

If both the strict-hostkey-checking element of a request message and this property are specified, the value specified for the strict-hostkey-checking element takes priority. If neither of them is specified, the default value is applied. For details about the strict-hostkey-checking element, see the manual Service Platform Reception and Adapter Definition Guide.

sftpadp.host-auth-inf-filepath=absolute-path-for-host-public-key-file

Specifies the absolute path to the host public key file. You must create the host public key file in advance and assign it the access permissions of the administrator of the HCSC server.

If the specified host public key file does not exist, an error occurs when the SFTP adapter starts. In addition, if this property is not specified when the strict host key check is performed (sftpadp.strict-hostkey-checking=true is specified), an error occurs during request processing.

sftpadp.user-auth-type={password|publickey}

Specifies the user authentication method.

  • password

    Password authentication will be performed.

  • publickey

    Public key authentication will be performed.

If both the user-auth-type element of a request message and this property are specified, the value specified for the user-auth-type element takes priority. If neither of them is specified, the request processing causes an error. For details about the user-auth-type element, see the manual Service Platform Reception and Adapter Definition Guide.

sftpadp.password-auth-info=user-name-for-password-authentication ~ <Character string> ((1 to 80 characters))

Specifies the user name used for password authentication if password authentication will be performed.

Specify the user name registered by using the csauseradd command. You can use halfwidth alphanumeric characters, halfwidth symbols (0x21 to 0x7E in ASCII encoding), and halfwidth spaces (0x20 in ASCII encoding). The characters are case sensitive. You can use the following halfwidth symbols:

  • Exclamation mark (!)

  • Double quotation mark (")

  • Hash mark (#)

  • Dollar sign ($)

  • Percent sign (%)

  • Ampersand (&)

  • Apostrophe mark (')

  • Left parenthesis (()

  • Right parenthesis ())

  • Asterisk (*)

  • Plus sign (+)

  • Comma (,)

  • Hyphen (-)

  • Period (.)

  • Forward slash (/)

  • Colon (:)

  • Semicolon (;)

  • Left angle bracket (<)

  • Right angle bracket (>)

  • Equal sign (=)

  • Question mark (?)

  • At mark (@)

  • Left square bracket ([)

  • Right square bracket (])

  • Yen sign (\)

  • Caret (^)

  • Underscore (_)

  • Grave accent mark (`)

  • Left curly bracket ({)

  • Right curly bracket (})

  • Vertical bar (|)

  • Swung dash (~)

If both the user-auth-info element of a request message and this property are specified, the value specified for the user-auth-info element takes priority. If none of the user-auth-info element, this property, and the sftpadp.publickey-auth-info property is specified, the request processing causes an error. For details about the user-auth-info element, see the manual Service Platform Reception and Adapter Definition Guide.

sftpadp.password-auth-inf-filepath=absolute-path-of-password-authentication-information-definition-file

Specifies the absolute path of the password authentication information definition file if password authentication will be performed. Specify a password authentication information definition file created by using the csauseradd command.

The password authentication information definition file to be specified requires access permissions of the administrator of the HCSC server.

If the specified password authentication information definition file does not exist, an error occurs when the SFTP adapter starts. If this property is not specified when password authentication will be performed, an error occurs during request processing.

Important note

User authentication is always performed. Therefore, you must specify this property or the sftpadp.publickey-auth-inf-filepath property. If you omit both, an error occurs during request processing.

sftpadp.publickey-auth-info=authentication-information-ID-used-for-public-key-authentication ~ <Halfwidth alphanumeric characters and underscores (_)> ((1 to 8 characters))

Specifies the ID of the authentication information used for public key authentication if public key authentication will be performed. Specify a key ID registered by using the csakeyadd command.

If both the user-auth-info element of a request message and this property are specified, the value specified for the user-auth-info element takes priority. If none of the user-auth-info element, this property, and the sftpadp.password-auth-info property is specified, the request processing causes an error. For details about the user-auth-info element, see the manual Service Platform Reception and Adapter Definition Guide.

sftpadp.publickey-auth-inf-filepath=absolute-path-of-public-key-authentication-information-definition-file

Specifies the absolute path of the public key authentication information definition file if public key authentication will be performed. Specify a public key authentication information definition file created by using the csakeyadd command.

The public key authentication information definition file to be specified requires access permissions of the administrator of the HCSC server.

If the specified public key authentication information definition file does not exist, an error occurs when the SFTP adapter starts. If this property is not specified when public key authentication will be performed, an error occurs during request processing.

Important note

User authentication is always performed. Therefore, you must specify this property or the sftpadp.password-auth-inf-filepath property. If you omit both, an error occurs during request processing.

sftpadp.kex-exchange.algorithm=priority-of-key-exchange-method-used-for-encrypted-communication

Specifies the priority of the key exchange methods used to establish encrypted communication.

The following table lists the specifiable key exchange methods and the default priority. Specify these key exchange methods in the order of priority, using the comma separated format (for example, sftpadp.kex-exchange.algorithm=key-exchange-method,key-exchange-method,key-exchange-method). If you specify a key exchange method not shown in this table, an error occurs when the SFTP adapter starts.

    Default priority    Key exchange method
    High                ecdh-sha2-nistp256
      |                 ecdh-sha2-nistp384
      |                 ecdh-sha2-nistp521
      |                 diffie-hellman-group14-sha1
      |                 diffie-hellman-group-exchange-sha256
      |                 diffie-hellman-group-exchange-sha1
    Low                 diffie-hellman-group1-sha1

sftpadp.common-key.cryptosystem.c2s=priority-of-common-key-cryptography-method-(client-to-server-communication)

Specifies the priority of the common key cryptography methods used to establish encrypted communication from a client to a server.

The following table lists the specifiable common key cryptography methods and the default priority. Specify these common key cryptography methods in the order of priority, using the comma separated format (for example, sftpadp.common-key.cryptosystem.c2s=common-key-cryptography-method,common-key-cryptography-method,common-key-cryptography-method). If you specify a common key cryptography method not shown in this table, an error occurs when the SFTP adapter starts.

    Default priority    Common key cryptography method
    High                aes128-ctr
      |                 aes128-cbc
      |                 3des-cbc
      |                 blowfish-cbc
      |                 aes192-ctr
      |                 aes192-cbc
      |                 aes256-ctr
    Low                 aes256-cbc

sftpadp.common-key.cryptosystem.s2c=priority-of-common-key-cryptography-method-(server-to-client-communication)

Specifies the priority of the common key cryptography methods used to establish encrypted communication from a server to a client.

The following table lists the specifiable common key cryptography methods and the default priority. Specify these common key cryptography methods in the order of priority, using the comma separated format (for example, sftpadp.common-key.cryptosystem.s2c=common-key-cryptography-method,common-key-cryptography-method,common-key-cryptography-method). If you specify a common key cryptography method not shown in this table, an error occurs when the SFTP adapter starts.

    Default priority    Common key cryptography method
    High                aes128-ctr
      |                 aes128-cbc
      |                 3des-cbc
      |                 blowfish-cbc
      |                 aes192-ctr
      |                 aes192-cbc
      |                 aes256-ctr
    Low                 aes256-cbc

sftpadp.message-authentication-code.c2s=priority-of-message-authentication-encoding-method-(client-to-server-communication)

Specifies the priority of the message authentication encoding methods (mechanisms that prevent alteration of data) used for communication from a client to a server.

The following table lists the specifiable message authentication encoding methods and the default priority. Specify these message authentication encoding methods in the order of priority, using the comma separated format (for example, sftpadp.message-authentication-code.c2s=encoding-method,encoding-method,encoding-method). If you specify a message authentication encoding method not shown in this table, an error occurs when the SFTP adapter starts.

    Default priority    Message authentication encoding method
    High                hmac-md5
      |                 hmac-sha1
      |                 hmac-sha2-256
      |                 hmac-sha1-96
    Low                 hmac-md5-96

sftpadp.message-authentication-code.s2c=priority-of-message-authentication-encoding-method-(server-to-client-communication)

Specifies the priority of the message authentication encoding methods (mechanisms that prevent alteration of data) used for communication from a server to a client.

The following table lists the specifiable message authentication encoding methods and the default priority. Specify message authentication encoding methods in the order of priority, using the comma separated format (for example, sftpadp.message-authentication-code.s2c=encoding-method,encoding-method,encoding-method). If you specify a message authentication encoding method not shown in this table, an error occurs when the SFTP adapter starts.

    Default priority    Message authentication encoding method
    High                hmac-md5
      |                 hmac-sha1
      |                 hmac-sha2-256
      |                 hmac-sha1-96
    Low                 hmac-md5-96

sftpadp.host-key.algorithm=priority-of-host-authentication-method

Specifies the priority of host authentication methods.

The following table lists the specifiable host authentication methods and the default priority. Specify these host authentication methods in the order of priority, using the comma separated format (for example, sftpadp.host-key.algorithm=host-authentication-method,host-authentication-method,host-authentication-method). If you specify a host authentication method not shown in this table, an error occurs when the SFTP adapter starts.

    Default priority    Host authentication method
    High                ssh-rsa
      |                 ssh-dss
    Low                 ecdsa-sha2-nistp256

sftpadp.data-compression.algorithm.c2s=priority-of-data-compression-algorithm-(client-to-server-communication)

Specifies the priority of the data compression algorithms used for communication from a client to a server.

The following table lists the specifiable data compression algorithms and the default priority. Specify these data compression algorithms in the order of priority, using the comma separated format (for example, sftpadp.data-compression.algorithm.c2s=data-compression-algorithm,data-compression-algorithm,data-compression-algorithm). If you specify a data compression algorithm not shown in this table, an error occurs when the SFTP adapter starts.

    Default priority    Data compression algorithm
    High                zlib@openssh.com
    Low                 zlib

sftpadp.data-compression.algorithm.s2c=priority-of-data-compression-algorithm-(server-to-client-communication)

Specifies the priority of the data compression algorithms used for communication from a server to a client.

The following table lists the specifiable data compression algorithms and the default priority. Specify these data compression algorithms in the order of priority, using the comma separated format (for example, sftpadp.data-compression.algorithm.s2c=data-compression-algorithm,data-compression-algorithm,data-compression-algorithm). If you specify a data compression algorithm not shown in this table, an error occurs when the SFTP adapter starts.

    Default priority    Data compression algorithm
    High                zlib@openssh.com
    Low                 zlib
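
An added example, not part of the Hitachi manual: a Python check of the algorithm-priority properties in this subsection against the values the tables permit. The LEGACY set is this example's own review policy, and treating an omitted property as the default priority list is an assumption; the sample property values are constructed.

```python
# Values permitted by the tables on this page, in default priority order.
CIPHERS = ["aes128-ctr", "aes128-cbc", "3des-cbc", "blowfish-cbc",
           "aes192-ctr", "aes192-cbc", "aes256-ctr", "aes256-cbc"]
MACS = ["hmac-md5", "hmac-sha1", "hmac-sha2-256", "hmac-sha1-96", "hmac-md5-96"]
DEFAULTS = {
    "sftpadp.kex-exchange.algorithm": [
        "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521",
        "diffie-hellman-group14-sha1", "diffie-hellman-group-exchange-sha256",
        "diffie-hellman-group-exchange-sha1", "diffie-hellman-group1-sha1"],
    "sftpadp.common-key.cryptosystem.c2s": CIPHERS,
    "sftpadp.common-key.cryptosystem.s2c": CIPHERS,
    "sftpadp.message-authentication-code.c2s": MACS,
    "sftpadp.message-authentication-code.s2c": MACS,
    "sftpadp.host-key.algorithm": ["ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256"],
}

# Review policy assumed by this example (not a Hitachi recommendation):
# 1024-bit DH group 1, 64-bit block ciphers, MD5-based and truncated MACs, DSA keys.
LEGACY = {"diffie-hellman-group1-sha1", "3des-cbc", "blowfish-cbc",
          "hmac-md5", "hmac-md5-96", "hmac-sha1-96", "ssh-dss"}

# Constructed sample of effective property values (after merging both files).
SAMPLE = {
    "sftpadp.kex-exchange.algorithm":
        "ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256",
    "sftpadp.common-key.cryptosystem.c2s": "aes256-ctr,aes128-ctr",
    "sftpadp.common-key.cryptosystem.s2c": "aes256-ctr,aes128-gcm@openssh.com",
    "sftpadp.message-authentication-code.c2s": "hmac-sha2-256",
    # sftpadp.message-authentication-code.s2c omitted on purpose
    "sftpadp.host-key.algorithm": "ecdsa-sha2-nistp256,ssh-rsa",
}


def audit(props):
    """Return {property: {"unknown": [...], "legacy": [...]}} for flagged lists."""
    report = {}
    for key, allowed in DEFAULTS.items():
        if key in props:
            chosen = [name.strip() for name in props[key].split(",") if name.strip()]
        else:
            chosen = list(allowed)  # assumption: default priority applies when omitted
        # A name outside the table causes an error when the SFTP adapter starts.
        unknown = [name for name in chosen if name not in allowed]
        legacy = [name for name in chosen if name in LEGACY]
        if unknown or legacy:
            report[key] = {"unknown": unknown, "legacy": legacy}
    return report


if __name__ == "__main__":
    for prop, result in audit(SAMPLE).items():
        print(prop, result)
```

Setting the c2s property alone does not narrow the s2c direction: in the sample, the omitted s2c MAC property is audited against the full default list, which begins with hmac-md5.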

(d) Session connection timeout

sftpadp.session.timeout=timeout-value-for-session-connection-processing ~ <Numeric character> ((1 to 3600)) <<10>>

Specifies the wait time (in seconds) until the session connection processing times out.

sftpadp.session-con.retry.count=retry-count-when-session-cannot-be-established ~ <Numeric character> ((0 to 10000)) <<5>>

Specifies the number of times to retry a connection when a session cannot be established because, for example, the target system is busy. If you specify 0, the connection will not be retried.

sftpadp.session-con.retry.interval=retry-interval-when-session-cannot-be-established ~ <Numeric character> ((0 to 86400)) <<2>>

Specifies the interval (in seconds) at which a connection is retried when a session cannot be established because, for example, the target system is busy. If you specify 0, the connection will be retried without an interval.

(e) Lock acquisition timeout

sftpadp.read-lock.retry.count=retry-count-when-shared-lock-of-common-folder-fails ~ <Numeric character> ((0 to 1024)) <<0>>

Specifies the number of retries when acquisition of a shared lock on the files in the common folder fails.

sftpadp.read-lock.retry.interval=retry-interval-when-shared-lock-of-common-folder-fails ~ <Numeric character> ((1 to 1024)) <<1>>

Specifies, in seconds, the retry interval when acquisition of a shared lock on the files in the common folder fails.

sftpadp.write-lock.retry.count=retry-count-when-dedicated-lock-of-common-folder-fails ~ <Numeric character> ((0 to 1024)) <<0>>

Specifies the number of retries when acquisition of a dedicated lock on the files in the common folder fails.

sftpadp.write-lock.retry.interval=retry-interval-when-dedicated-lock-of-common-folder-fails ~ <Numeric character> ((1 to 1024)) <<1>>

Specifies, in seconds, the retry interval when acquisition of a dedicated lock on the files in the common folder fails.

(f) Data read timeout

sftpadp.data-read.timeout=time-for-monitoring-response-from-SFTP-server ~ <Numeric character> ((1 to 3600)) <<60>>

Specifies the time (in seconds) for monitoring a response from the SFTP server when, for example, file data is acquired during execution of the GET operation or the result of algorithm negotiation is acquired.

If the receiving process is not completed even after the specified time has elapsed, an exception (error) occurs.

(g) Maintenance log

sftpadp.methodtrace.level={1|2|3|4|5} ~ <<3>>

Specifies the output level for the maintenance log. The following table lists the output information and output levels:

    Output level
    1  2  3  4  5   Output information
    N  Y  Y  Y  Y   Entrance and exit information for the requestor service method (class name, method name, argument, return value)
    N  N  Y  Y  Y   Entrance and exit information for the external (such as BP) interfaces (class name, method name, argument, return value)
    N  N  N  Y  Y   Entrance and exit information for the interfaces within a component (class name, method name, argument, return value)
    N  N  N  N  Y   Debug information (such as information of branching of processing)

Legend:

Y: Information is output.

N: Information is not output.

sftpadp.methodtrace.filenum=number-of-maintenance-log-files ~ <Numeric character> ((1 to 16)) <<8>>

Specifies the number of maintenance log files.

sftpadp.methodtrace.filesize=maximum-size-of-one-maintenance-log-file ~ <Numeric character> ((4096 to 2147483647)) <<2097152>>

Specifies the maximum size of one maintenance log file in bytes.

(h) Exception log

sftpadp.exptrace.filenum=number-of-exception-log-files ~ <Numeric character> ((1 to 16)) <<8>>

Specifies the number of exception log files.

sftpadp.exptrace.filesize=maximum-size-of-one-exception-log-file ~ <Numeric character> ((4096 to 2147483647)) <<2097152>>

Specifies the maximum size of one exception log file in bytes.

(i) SFTP protocol trace

sftpadp.sftpprotocoltrace.filenum=number-of-SFTP-protocol-trace-files ~ <Numeric character> ((1 to 16)) <<8>>

Specifies the number of protocol trace files.

sftpadp.sftpprotocoltrace.filesize=maximum-size-of-one-SFTP-protocol-trace-file ~ <Numeric character> ((4096 to 2147483647)) <<2097152>>

Specifies the maximum size of one protocol trace file in bytes.