Security

Security Guide

This section covers security concepts and best practices for configuring Riversoft STCP solutions, including OFTP protocol, TLS, digital certificates and network connectivity.

ℹ️
For the complete security guide in Portuguese, please refer to the Segurança section.

OFTP Protocol

OFTP (ODETTE File Transfer Protocol) provides a standardized and secure method for exchanging business files between trading partners. Key security features include:

  • Authentication — mutual identification between communicating parties
  • Encryption — TLS/SSL support for data in transit
  • Non-repudiation — digital signatures for file exchange confirmation
  • Compression — built-in data compression

TLS Configuration

For secure connections, STCP supports TLS 1.2 and TLS 1.3. Certificates must be in PEM or PFX format.

Digital Certificates

Certificates are used for both authentication and encryption. STCP supports:

  • Self-signed certificates (for testing)
  • CA-signed certificates (recommended for production)
  • Certificate chains with intermediate CAs