Skip to main content

Unattended Server to Server File Transfers: From MVS Batch Job to Win/Unix Server

This article applies to: Managed Servers


  1. To transfer files, you can use this sample JCL:

    // EXEC FTPSECUR
    targethost.wherever.com
    userid password
    cd some-directory
    put mvs.file.name target.file.name
    quit
    /*

    Note: FTPSECUR is a PROC. It invokes the FTP program and specifies an FTPDATA file called SYS1.TCPPARMS(FTPDATAS) that contains the options for TLS FTP. You can use a different FTPDATA file, for example to specify different FTP default values. See the following procedure, Setting Custom FTP Values for more information.

Setting Custom FTP Values

To use your own FTPDATA file for secure FTP, for example if you want to specify FTP default values, specify the required security parameters in your FTPDATA file. The relevant parameters and the values specified in SYS1.TCPPARMS(FTPDATAS) are:

Parameter Values Specified in SYS1.TCPPARMS(FTPDATAS)
SECURE_MECHANISM TLS
SECURE_FTP REQUIRED
SECURE_CTROLCONN PRIVATE
SECURE_DATACONN PRIVATE
CIPHERSUITE (Allowed to default to “any of the supported ciphersuites”)
KEYRING TCPIP/UserRing
TLSTIMEOUT (Allowed to default to 100)

These parameters (and others) are documented in section 4.4 of z/OS 1.7 Communications Server IP User’s Guide and Commands and in sections 2.10.4 to 2.10.145 of the z/OS 1.7 Communications Server IP Configuration Reference, starting at Section 2.10.4.

Note: TCPIP/UserRing is a RACF keyring holding SSL certificates that may be needed by the TLS FTP client during the TLS handshake. The client authenticates the server based on the SSL certificate that the server sends in the handshake. The keyring contains Certificate Authority certificates for Certificate Authorities that Systems Support considers valid, and can contain self-signed certificates for servers that Systems Support considers valid.

A user-defined keyring can be used instead of TCPIP/UserRing. If you want to create your own keyring, use the RACF RACDCERT command from TSO. More information can be found in the ADDRING subcommand in the documentation for RACDCERT.

About this Article

Last updated: 

Friday, January 13, 2017 - 11:19pm

Was this page helpful?

Your feedback helps improve the site.

Comments?