JoAnn Pierson from Wells Fargo bank called me and I am now very relieved.
This is a little long but I do have two questions at the end.  This could
help all direct connections not using their software.  The previous rants
on this list stemming indirectly from myself about not being able to go
production with the secure FTP due to password changes and logon
requirements will be resolved.  She said the reason the secure FTP is
requiring a user id and password is that their Tumbleweed software is
prompting for it.  She said the new version of Tumbleweed set for before
the end of the year will not prompt for user id and password and will use
the certificate.  For now, we can keep our password for 4 months and then
have to change it but hopefully not after that.  We would still have to
renew the certificates every year.  Initially they were going to scramble
the password since they figured the certificate would logon.  She said that
recently they have been required to make exceptions for customers who
connect directly such as midrange and mainframe customers.  She said she
has gotten complaints from others.  It works fine in test but then can't go
production and customers don't want to make it manual.  Customers who use
the Tumbleweed software don't get the logon and also connecting through
Internet Explorer as I have seen.  She said that https://sft.wellsfargo.com
is set to handle secure FTP, HTTPS, and AS2 and should be used.  The old
site limited to HTTPS was https://redxfer.wellsfargo.com.  I looked into
Scott Klement's HTTPAPI and this would probably work for the send.  But,
for automating cleared check receival, it just couldn't quite cut it (get
the list of files, receive them, delete them).  The software looks pretty
useful though.  Dave Parnin's example of using HTTPAPI for sending to Wells
Fargo was pretty good.  I already had an automated script used for our VPN
with JPMorgan Chase (Bank One) for sending and receiving files that
basically did not have to change much for Wells Fargo.  I tried the
certificates on https://redxfer.wellsfargo.com and I got a server logon I
couldn't get past.  Apparently it had different credentials than
https://sft.wellsfargo.com.
Their documentation said to use https://redxfer.wellsfargo.com for HTTPS!
But, JoAnn said that https://sft.wellsfargo.com handles HTTPS and that was
what our certificates were setup for.
My guess is that they started with HTTPS as the only option from
https://redxfer.wellsfargo.com then had to broaden and accomodate midrange
and mainframe customers into their new website and include AS2 into the
https://sft.wellsfargo.com.
So, the bottom line is that file transfer can be simplified using secure
FTP with Wells Fargo instead of HTTPS for the midrange and mainframe
community.
The only thing I'm not sure about is the impact of having a certificate
tied to the secure FTP application for all users and sessions.  I haven't
noticed anything yet and we have been sending them files.  Our setup
wouldn't affect any other types of other possible secure FTP we might
implement in the future would it?  Anyone see a problem?

Craig Strong


As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.