Versions Compared

Old Version 1

changes.mady.by.user Stonebranch

Saved on

compared with

New Version Current

changes.mady.by.user Stonebranch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

open [primary={*|local|host-name} [port=broker-port] [user=username [pwd=password]] [codepage=codepage] [{file=filename | xfile=filename [key=key]}] [verserial=serial number|no] [verhost=yes|no|host name]
secondary=host-name [port=broker-port] [user=username [pwd=password]] [codepage=codepage] [{file=filename | [xfile=filename [key=key]}] [verserial=serial number|no] [verhost=yes|no]
[encrypt=yes|no|cipher] [compress=compression-method] [nft=yes|no] [comment=text] [tt=direct|deferred] [minsslprotocol=tls1_0|tls1_2|tls1_3]


Description

The open command opens a UDM transfer session: two-party or three-party.
 

...

Note
titleNote

The user and pwd parameters are not required for the local side (primary server) of a two-party transfer, as the UDM Manager will be running as the user that invoked it.

  • codepage specifies the codepage that will be used for text translation of transferred data. In addition to codepage (.utt) files supplied by the Universal Agent install, UDM supports codepage values of UTF-8, UTF-16, UTF-16BE (except on AIX), and UTF-16LE.

    When specified as the source codepage of a file transfer, the UTF-16 encodings describe the type of encoding - little endian or big endian - the conversion routines can expect to encounter in the input file. When a codepage of UTF-16 is specified the conversion routines will rely on the input file's byte order mark (BOM) or - if no BOM is present - the default encoding of the system on which the input file resides. When a codepage of UTF-16BE or UTF-16LE is specified, the conversion routines expect the input file to be encoded as big endian or little endian, respectively, regardless of what the file's actual encoding is.

    When specified as the target codepage of a file transfer, the UTF-16 encodings specify the encoding - little endian or big endian - the output file receives. When a codepage of UTF-16 is specified, the output file receives the default encoding of the system upon which it is written. When a codepage of UTF-16BE or UTF-16LE is specified, the output file is encoded as big endian or little endian, respectively, regardless of the system's native encoding.
Note
titleNote

For AIX, a codepage value of UTF-16BE is not supported, but a codepage value of UTF-16 will create a big-endian encoded file. UTF-16LE is supported on AIX to create a little endian-encoded file.

...

  • yes
    An agreed-upon cipher will be negotiated based on the components data_ssl_cipher_list configuration value.
  • no
    NULL-MD5 is used as the encryption method.
    • cipher
      Specific cipher to use as encryption method: AES256-GCM-SHA384,AES256-SHA,AES128-GCM-SHA256,AES128-SHA,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES128-GCM-SHA256,RC4-SHA,RC4-MD5,DES-CBC3-SHA,NULL-SHA,NULL-SHA256,NULL-MD5. Specifying NULL-NULL as the cipher completely disables SSL/TLS when NULL-NULL also is specified in the UDM Server Data Cipher Lists associated with a transfer.
Note
titleNote

If encrypt is not specified, the value specified by the UDM Manager DATA_SSL_CIPHER_LIST configuration option is used (default is no).

...

  • tls1_0 specifies that the minimum SSL/TLS protocol is TLS 1.0.
  • tls1_2 specifies that the minimum SSL/TLS protocol is TLS 1.2.

Parameters

...

Parameter

...

Values

  • tls1_3 specifies that the minimum SSL/TLS protocol is TLS 1.3.

    Note

    TLS 1.3 is NOT currently supported on HP-UX and z/OS


Parameters

Parameter

Values

Description

primary







[{*|local|host name}]







Logical name of the primary transfer server.

If the value is * or local, a two-party transfer is initiated, with the UDM Manager acting as the primary server.

If only one server is specified. it is assumed to be the secondary. In this case, primary is assumed to be local and a two-party transfer is implied.

If both primary and secondary servers are specified, and the value of primary is host name, a three-party transfer is initiated with the primary server running on the machine specified by host name. The IP address of the primary server can also be used for host name.

secondary

host name

Logical name of the secondary server. Its value is the host name or IP address of the machine on which the secondary server will be running.


Note

The host name of the secondary server must be given from the perspective of the primary transfer server, not the UDM Manager.


port *

TCP port number or service name

Port on which the Broker that will initiate the transfer server is listening. If the port parameter is not specified, the port number is assumed to be 7887.


Note

The port parameter is not valid for the primary server in a two-party transfer.


user *

Valid username on the system the transfer server will be running on.

User name to authenticate with on the transfer server.

The user name must be valid on the system. Once authenticated, the default directory on the transfer server is set to the user's home directory under UNIX and HFS. Under Windows, the default directory will be a directory created for the user underneath where the Universal Agent suite is installed. For z/OS under the dsn file system, the user name will be the high level qualifier.


Note

This parameter is not valid for the primary server in a two-party transfer.


pwd *

Password of the user to authenticate.

Password, for the specified user name, for authenticating the user on the transfer server.


Note

This parameter is not valid for the primary server in a two-party transfer.


codepage *

Valid codepage

Codepage used for text translation on the transfer server.

Note

UTF-8, UTF-16, UTF-16BE (except on AIX), and UTF-16LE are supported for text translation. However, they are not a supported value for the UDM Manager CODE_PAGE or UDM Server CODE_PAGE configuration options.

If no codepage is specified, the codepage listed in UDM's configuration will be used.

file *

Valid filename

Plain text file containing the values for the transfer server: port, user, pwd, and/or codepage (see #file / xfile Parameters Format, below).

These values override any values specified by the port, user, pwd, and /or codepage parameters for the specified transfer server.

xfile *

Valid filename

Universal Encrypted text file containing the values for the transfer server: port, user, pwd, and/or codepage (see #file / xfile Parameters Format, below).

These values override any values specified by the port, user, pwd, and /or codepage parameters for the specified transfer server.

key *

Key used to decrypt the file specified by xfile

Key used to decrypt the file specified by the xfile parameter. If the key parameter is not specified, the default key for Universal Encrypt is used.

verserial *

<serial number> or no

Specification for authenticating the UDM Server serial number.

  • <serial number> specifies:
    • For a Two-Party Transfer Session: The secondaryverserial <serial number> is verified by the UDM Manager (the primary server) against the serial number contained in the secondary UDM Server's Universal Broker X.509 certificate.
    • For a Three-Party Transfer Session: The primary verserial<serial number> is verified by the UDM Manager against the serial number contained in the primary UDM Server's Universal Broker X.509 certificate. The secondaryverserial <serial number> is verified by the primary UDM Server against the serial number contained in the secondary UDM Server's Universal Broker X.509 certificate.
  • no specifies:
    • For a Two-Party Transfer Session: UDM Manager (the primary server) will not verify the serial number of the UDM Server (the secondary server).
    • For a Three-Party Transfer Session: If the primaryverserial is no, the UDM Manager will not verify the serial number of the primary UDM Server. If the secondaryverserial is no, the primary UDM Server will not verify the serial number of the secondary UDM Server.

verhost *

yes, no, or <host name>

Specification for authenticating the UDM Server host name.

  • yes specifies:
    • For a Two-Party Transfer Session: The secondary verhost<host name> is verified by the UDM Manager (the primary server) against the host name contained in the secondary UDM Server's Universal Broker X.509 certificate.
    • For a Three-Party Transfer Session: The primary verhost<host name> is verified by the UDM Manager against the host names contained in the primary UDM Server's Universal Broker X.509 certificate. The secondary verhost<host name> is verified by the primary UDM Server against the host names contained in the secondary UDM Server's Universal Broker X.509 certificate.
  • no specifies:
    • For a Two-Party Transfer Session: UDM Manager (the primary server) will not verify the host name of the UDM Server (the secondary server).
    • For a Three-Party Transfer Session: If the primary verhostis no, the UDM Manager will not verify the host name of the primary UDM Server. If the secondary verhost is no, the primary UDM Server will not verify the host name of the secondary UDM Server.
  • <host name> specifies:
    • For a Two-Party Transfer Session: The secondary verhost<host name> is verified by the UDM Manager (the primary server) against the host names contained in the secondary UDM Server's Universal Broker X.509 certificate.
    • For a Three-Party Transfer Session: The primary verhost<host name> is verified by the UDM Manager against the host names contained in the primary UDM Server's Universal Broker X.509 certificate. The secondary verhostcannot use <host-name>.

encrypt

yes, no, or cipher

Encryption method for the transfer session.

  • If the value is yes, an agreed-upon cipher will be negotiated based on the components data_ssl_cipher_list configuration value.
  • If the value is no, the NULL-MD5 cipher is used.

Otherwise, a valid cipher must be specified:

AES256-GCM-SHA384,AES256-SHA,AES128-GCM-SHA256,AES128-SHA,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES128-GCM-SHA256,RC4-SHA,RC4-MD5,DES-CBC3-SHA,NULL-SHA,NULL-SHA256,NULL-MD5. Specifying NULL-NULL as the cipher completely disables SSL/TLS when NULL-NULL also is specified in the UDM Server Data Cipher Lists associated with a transfer.

compress

yes, no, force, hasp, or zlib

Compression method for the transfer session:

  • If the value is yes, the compression method specified in the UDM Manager's configuration is used.
  • If the value is no, no compression is required; however, compression will be used if the UDM Server DATA_COMPRESSION configuration option is set to yes.
  • If the value is force, no compression is used, even if the UDM Server DATA_COMPRESSION option is set to yes. .
  • If the value is hasp, HASP compression is used.
  • If the value is zlib, ZLIB (ZIP) compression is used.

nft

yes or no

Specification for whether or not the session is network fault tolerant:

  • yes specifies that the session will be network fault tolerant.
  • no specifies the session will not be network fault tolerant.

comment

text

Comment for a single session (or overrides a comment specified by the COMMENT option).
 
For example: open src=* dst=zos14 comment="Data transfer foraccount 94882"

tt

direct or deferred

Specification for where codepage translation is performed for files transferred in text mode, thus allowing you to choose which side of the connection will incur the overhead of codepage translation:

  • direct specifies that codepage translation will be performed in the component sending the file - prior to transmission.
  • deferred specifies that codepage translation will be performed in the component receiving the file - after transmission.

If the tt parameter is not specified, the translation defaults to direct.


minsslprotocol

tls1_0 or tls1_2 or tls1_

2

3

Minimum SSL/TLS protocol to be used in both control and data sessions between client and server parties.

  • tls1_0 specifies that the minimum SSL/TLS protocol is TLS 1.0.
  • tls1_2 specifies that the minimum SSL/TLS protocol is TLS 1.2.

  • tls1_3 specifies that the minimum SSL/TLS protocol is TLS 1.3.

    Note

    TLS 1.3 is NOT currently supported on HP-UX and z/OS


Examples

To open a two-party transfer session between two machines, explicitly specifying the primary server:

...

Note
titleNote

file and xfile can be shared with Universal Command.


open Command Parameter Format

file / xfile Parameter Format

Description

port=broker-port

-port broker-port

Port that the broker is accepting requests on to start a UDM server.

user=user-name

-userid user-name

User (local to the host on which the server will be running) under which the transfer operation is being carried out.

pwd=password

-pwd password

Password for the user.

codepage=codepage

-codepage codepage

Codepage that will be used for text translation of transferred data.