Unattended Server to Server File Transfers: From MVS Batch Job to Win/Unix Server
This article applies to: Managed Servers
To transfer files, you can use this sample JCL:
// EXEC FTPSECUR
put mvs.file.name target.file.name
Note: FTPSECUR is a PROC. It invokes the FTP program and specifies an FTPDATA file called SYS1.TCPPARMS(FTPDATAS) that contains the options for TLS FTP. You can use a different FTPDATA file, for example to specify different FTP default values. See the following procedure, Setting Custom FTP Values for more information.
Setting Custom FTP Values
To use your own FTPDATA file for secure FTP, for example if you want to specify FTP default values, specify the required security parameters in your FTPDATA file. The relevant parameters and the values specified in SYS1.TCPPARMS(FTPDATAS) are:
|Parameter||Values Specified in SYS1.TCPPARMS(FTPDATAS)|
|CIPHERSUITE||(Allowed to default to “any of the supported ciphersuites”)|
|TLSTIMEOUT||(Allowed to default to 100)|
These parameters (and others) are documented in section 4.4 of z/OS 1.7 Communications Server IP User’s Guide and Commands and in sections 2.10.4 to 2.10.145 of the z/OS 1.7 Communications Server IP Configuration Reference, starting at Section 2.10.4.
Note: TCPIP/UserRing is a RACF keyring holding SSL certificates that may be needed by the TLS FTP client during the TLS handshake. The client authenticates the server based on the SSL certificate that the server sends in the handshake. The keyring contains Certificate Authority certificates for Certificate Authorities that Systems Support considers valid, and can contain self-signed certificates for servers that Systems Support considers valid.
A user-defined keyring can be used instead of TCPIP/UserRing. If you want to create your own keyring, use the RACF RACDCERT command from TSO. More information can be found in the ADDRING subcommand in the documentation for RACDCERT.