While configuring SFTP adapter channels, users are unable to reference private key files stored in a local directory on the file system for authentication. Currently, the adapter only supports uploading keys via the NWA, which limits flexibility in key management.
This enhancement allows the SFTP adapter channel to reference private key files stored in a local directory on the PO server (e.g., LocalDir/PO/keys/) offering greater flexibility in key management.
To enable this feature, two new advanced mode parameters have been introduced:
useLocalPrivateKey (default: false)
When set to true, the adapter will read the private key file from a local directory specified by the openSshKeyPath parameter.
openSshKeyPath (default: null)
Specifies the file path to the OpenSSH private key. This parameter is required only when useLocalPrivateKey is set to true.
At runtime, if ‘useLocalPrivateKey’ is set to true and ‘openSshKeyPath’ is configured:
- Adapter attempts to read key from local file path.
- Ensures key is PEM formatted, readable, and secure.
- Logs error and aborts if file does not exist, permissions are insecure, or key parsing fails.
If ‘openSshKeyPath’ is not set, falls back to NWA-uploaded key.
Existing channels using NWA-uploaded keys will continue to work unchanged. New functionality is opt-in via configuration.
For SP/patch level details following SAP Note can be referred: 3607095 - Enable Key Transmission from Local Directory in SFTP Adapter
