First, I’ll start by apologizing for the lack of delay in actually launching the full user group site. As badly as Axway needs an online user community, they know it, and are collaborating fully with trying to get as much out there for the customers as possible - which is fantastic news.  And, before my Synchrony Tip of the Day, I’ve got another piece of fantastic news. We got FTP with SSL/TLS to work…unfortunately it worked in implicit mode only for me, but support was able to make it work explicitly too, meaning we’ve got firewall issues to work out! Yay! I’ll get screenshots of the profiles and remote sites and models used to successfully do a LIST from the remote FTP site tomorrow!

Now for the tips of the day -

1. If you’re running Axway’s Synchrony Gateway, product, you should be very aware of the .out files located at /run_time/tmp within your gateway install directory. There are a number of them, sup.out, secs.out, sys.out, f_ftp.out, f_sftp.out. These are a product of the trace level for certain things being set to full, an can be very helpful. The problem is that these files are overwritten when gateway starts without being archived or backed up. As such, you’ll want to either manually intervent an copy those files before starting Gateway if there was a crash, or scripting something to do it for you each time.

2. Tip number 2 involves upgrading or migrating gateway/integrator from the synchrony suite to another platform or version. I’ve seen it affect integrator hardcore, but its a very comon misstep not to actually import and trust the keys after you’ve copied them over. Since this can be quite cumbersome, I asked a very generous Unix Admin to help me with a script. And here’s what we came up with!

There are two parts actually. One takes all of the keys in a directory an imports them….That’s a bit of a one liner, and can be seen below -

for key in /axway/gpg_keys/*; do gpg –import “$key”; done
In that case, our gpg/pgp keys were all at /axway/gpg_keys/, you woul obviously replace that with your own directory. You could save it to a file called importer and run ./importer, or just change your directory and run it manually.
The hardest part is then trusting all of their keys. This script will help by doding a gpg –list-keys, and then taking just the email adresses from the keys to use in an edit-key command for trust.

__

$ cat /axway/tony/keytrust
#!/bin/bash
 
for keyplus in `gpg –list-keys |
                grep “<.*>” |
                awk -F’<’ ‘{print $2}’ |
                awk -F’>’ ‘{print $1}’ |
                sed “s/ /+/g”`
do
  key=`echo $keyplus | sed “s/+/ /g”`
  echo “$key”
  gpg -v –edit-key “$key” trust
done
This will then take that list of keys (e-mail aresses), an run a gpg —edit-key on them, and type trust for you. You’ll still have to manually set your trust level, say yes, and quit for the save to take affect. As a result of running that as a script, i hit (5, y, q) about 120 times. It was still much, much quicker than doing the gpg –edit-key <keyname> because you’ve hadve to type them all in manually.
The one catch is that will everything will be imported, keys that dont have email addresses associate (should be relatively few) wont be included in the trust list, so you’ll wanna have a peek to make sure everything worked for you.
And with that, I’m off to be. There’s a better chance than not that i’ll have to be up in about 3.5 hours for the day tomorrow.
Au revoir!