Skip to Content
Technical Articles
Author's profile photo Nisha Shrivansh

Configuration of FTP and SFTP adapter in Cloud Integration(CPI)

Dear Reader,

In this blog post I will explain each step required to configure FTP and SFTP adapter in CPI using basic authentication.

The FTP adapter allows you to configure transport protocol FTP/FTPS for the connection to the FTP server to send messages to the FTP server or to receive messages from the FTP server. FTP adapter uses TCP protocol to connect to CPI tenant to remote system to send/receive files.

The SFTP Adapter connects an SAP Cloud Integration tenant to a remote system using the SSH File Transfer protocol to write files to the system. The SFTP adapter uses a certificate and keystore to authenticate the file transfer unlike the standard FTP. The SFTP adapter achieves secure transfer by encrypting sensitive information before transmitting it on the network. It uses SSH protocol to transfer files.

We have requirements mostly in Financial workstream to poll the files from bank server and post the files to SAP system without changing the content of file. File format can be any XML, TXT, CSV, BAI, BAI2 etc.

Message flow will be like this:

Message%20Flow

Message Flow

Steps required to configure this Integration Flow in CPI:

Step1: To connect to FTP server we should have FTP server url/IP address, port, user id and password details. To connect to FTP server, we should a establish TCP connection in Cloud connector first.

You need to login to cloud connector and go to Cloud to On Premise and add Mapping virtual to Internal system.

Here we need to maintain 2 connections. One is FTP control connection with port 21 and other one is FTP data connection with port data port range.

 

Step 2: Deploy FTP credentials to Security material of CPI.

Step 3: Create TCP connection for SFTP server same as FTP:

 

Step 4: Update SFTP Known_host file in CPI security material. If it is not available, then we can create this file and deploy in CPI.

Now how to get this known_host details (public key) of SFTP?

Option 1: get it from SFTP server admin.

Option 2: We can generate it ourselves using connection test in CPI tenant.

Operations view- > Manage security-> Connectivity test->SSH

Provide your virtual host created in Cloud connector, SFTP port, CPI location id and click send. It will generate the host key. We can copy this host key and update in known_host file.

 

Step 5: Deploy SFTP credentials in security materials.

Step 6: Create Integration Flow in CPI.

Content modifier header property is used to keep file name same as source.

 

Step 7: Now deploy the iflow.

Step 8: Testing the Iflow: I have placed the file on FTP server directory:

So, file Test_18_09_2021.txt has been picked up and sent to SFTP server location with same file name.

 

 

In this blog post we learnt about how to configure FTP and SFTP adapter in cloud platform integration using basic authentication.

References:

Configure the SFTP Receiver Adapter – SAP Help Portal

Configure the FTP Sender Adapter – SAP Help Portal

https://launchpad.support.sap.com/#/notes/0003076681

 

Happy reading 🙂

 

Thanks & Regards,

Nisha Shrivansh

 

Assigned Tags

      11 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Sanjana Satyan
      Sanjana Satyan

      Thanks for sharing, very useful 🙂

      Author's profile photo Mio Yasutake
      Mio Yasutake

      Nice blog! Thanks for sharing.

      Just a basic question: what is the trigger of this flow?

      Such as putting a file into the source directory, or the flow triggers itself every x minutes.

      Best regards,

      Mio

      Author's profile photo Nisha Shrivansh
      Nisha Shrivansh
      Blog Post Author

      Hi, You need to schedule a time on scheduler option in FTP adapter, iflow pulls the file in that defined period.

      Thanks & Regards,

      Nisha Shrivansh

       

      Author's profile photo Mio Yasutake
      Mio Yasutake

      Thanks for your answer. Understood.

      Best regards,

      Mio

      Author's profile photo Dinesh M
      Dinesh M

      Hi Nisha,

      Could you give us a view on how to maintain the values in known_host file

      1. Is it only SSH fingerprint or do we need to maintain in different format

      2. What if we have multiple SFTP servers connecting via different flows in same tenant

      In this case, how do we differentiate multiple values in a known host file?

      Thanks,

      Dinesh

      Author's profile photo Nisha Shrivansh
      Nisha Shrivansh
      Blog Post Author

      Hi Dinesh,

      Sorry for late reply.

      you can get the host key by performing the SSH connection test under connectivity test tile.
      if there are multiple SFTP servers connected with same CPI tenant then we need to maintain all host key entries in the same known_host file.

       

      Thanks & Regards,

      Nisha Shrivansh

      Author's profile photo Dinesh M
      Dinesh M

      Hi Nisha,

      Understood! 

      I'm connecting to the local system directory from CPI, below is the error I'm getting while generating fingerprint 

      Proxy-Type given as Internet

      com.jcraft.jsch.JSchException: java.net.ConnectException: error 111 - Connection refused (Connection refused) (local port 54160 to address 0.0.0.0, remote port 22 to address X.X.X.X 

      Proxy Type given as On-Premise

      com.jcraft.jsch.JSchException: Session.connect: java.net.SocketException: SOCKS5 command failed with status: FORBIDDEN

      Any clue on what could be the issue?

      Thanks,

      Dinesh

      Author's profile photo Sanjeeb Sarkar
      Sanjeeb Sarkar

      Hi Dinesh,

      I am also getting the same error , any idea on how to resolve this ?

      Author's profile photo Dinesh M
      Dinesh M

      Hi Sanjeeb,

      In my case, it was cloud connector issue. I recreated the connection in CC and restarted the SFTP server then it started working

      Thanks,

      Dinesh

      Author's profile photo Sanjeeb Sarkar
      Sanjeeb Sarkar

      Hi Dinesh,

      Thank you for the response. Its a FTP server on my side, I will see if restarting that makes any difference or not.

      Author's profile photo Anirban Dutta
      Anirban Dutta

      Hello Nisha,

       

      In the blog you mention that "we need to maintain 2 connections. One is FTP control connection with port 21 and other one is FTP data connection with port data port range."

      One is FTP control connection with port 21, I can see, the first scree print. What about FTP data connection with port data port range?