Topic "Peer Certificate rejected"

Author Message
sangeethu
[View user's profile]

Joined: 2012-06-06
Posts: 4
Location: Detroit
I have used winscp dll to connect to sftp test server. But I received Connection failed -> Peer Certificate rejected error.
Please help
SessionOptions sessionOptions = new SessionOptions {
Protocol = Protocol.Ftp,
HostName = "ftp.secureftp-test.com",
UserName = "test",
Password = "test",
PortNumber=990,
FtpSecure=FtpSecure.Implicit,

};
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24555
Location: Prague, Czechia
Are you able to connect from WinSCP GUI?
Please post a session log file (Session.SessionLogPath).
sangeethu
[View user's profile]

Joined: 2012-06-06
Posts: 4
Location: Detroit
. 2012-06-07 11:34:25.592 --------------------------------------------------------------------------
. 2012-06-07 11:34:25.624 WinSCP Version 5.0.7 (Build 2268) (OS 5.1.2600 Service Pack 3)
. 2012-06-07 11:34:25.624 Configuration: null
. 2012-06-07 11:34:25.639 Local account:test\est
. 2012-06-07 11:34:25.639 Login time: Thursday, June 07, 2012 11:34:25 AM
. 2012-06-07 11:34:25.639 --------------------------------------------------------------------------
. 2012-06-07 11:34:25.639 Session name: test@ftp.secureftp-test.com (Ad-Hoc session)
. 2012-06-07 11:34:25.639 Host name: ftp.secureftp-test.com (Port: 990)
. 2012-06-07 11:34:25.639 User name: test (Password: Yes, Key file: No)
. 2012-06-07 11:34:25.639 Tunnel: No
. 2012-06-07 11:34:25.639 Transfer Protocol: FTP
. 2012-06-07 11:34:25.639 Ping type: C, Ping interval: 30 sec; Timeout: 15 sec
. 2012-06-07 11:34:25.639 Proxy: none
. 2012-06-07 11:34:25.639 FTP: FTPS: Implicit SSL/TLS; Passive: Yes [Force IP: No]
. 2012-06-07 11:34:25.639 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2012-06-07 11:34:25.639 Cache directory changes: Yes, Permanent: Yes
. 2012-06-07 11:34:25.639 DST mode: 1
. 2012-06-07 11:34:25.639 --------------------------------------------------------------------------
. 2012-06-07 11:34:26.046 Connecting to ftp.secureftp-test.com:990 ...
. 2012-06-07 11:34:26.186 Connected with ftp.secureftp-test.com:990, negotiating SSL connection...
. 2012-06-07 11:34:26.452 Asking user:
. 2012-06-07 11:34:26.452 The server's certificate is not known. You have no guarantee that the server is the computer you think it is. Server's certificate details follow:
. 2012-06-07 11:34:26.452
. 2012-06-07 11:34:26.452 Issuer:
. 2012-06-07 11:34:26.452 - Organization: Chilkat Software, Inc., Secure FTP Test, secureftp-test.com, admin@chilkatsoft.com
. 2012-06-07 11:34:26.452 - Location: US, Illinois, Wheaton
. 2012-06-07 11:34:26.452
. 2012-06-07 11:34:26.452 Subject:
. 2012-06-07 11:34:26.452 - Organization: Chilkat Software, Inc., Secure FTP Test, secureftp-test.com, admin@chilkatsoft.com
. 2012-06-07 11:34:26.452 - Location: US, Illinois, Wheaton
. 2012-06-07 11:34:26.452
. 2012-06-07 11:34:26.452 Valid: 6/20/2011 4:05:00 PM - 6/19/2012 4:05:00 PM
. 2012-06-07 11:34:26.452
. 2012-06-07 11:34:26.452 Fingerprint (SHA1): ca:1f:10:c9:ec:33:cd:4c:1d:de:a2:93:54:02:5a:a5:c9:78:16:8e
. 2012-06-07 11:34:26.452
. 2012-06-07 11:34:26.452 Summary: Self signed certificate. The error occured at a depth of 1 in the certificate chain.
. 2012-06-07 11:34:26.452
. 2012-06-07 11:34:26.452 If you trust this certificate, press Yes. To connect without storing certificate, press No. To abandon the connection press Cancel.
. 2012-06-07 11:34:26.452
. 2012-06-07 11:34:26.452 Continue connecting and store the certificate? ()
. 2012-06-07 11:34:26.514 Peer certificate rejected
. 2012-06-07 11:34:26.514 Disconnected from server
. 2012-06-07 11:34:26.546 Connection failed.
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24555
Location: Prague, Czechia
Make sure you set SessionOptions.SslCertificate to accept the untrusted certificate:
http://winscp.net/eng/docs/library_sessionoptions
sangeethu
[View user's profile]

Joined: 2012-06-06
Posts: 4
Location: Detroit
Thanks for your reply. I tried setting the SSLCertificate in the SessionOptions Constructor, and now I am facing a different issue


Please let me know how to set FtpForcePasvIp=1 using WINSCP dll.

. 2012-06-08 12:19:54.813 Starting upload of c:\Documents and Settings\Greg.Goeveryware\My Documents\EULA.txt
> 2012-06-08 12:19:54.813 TYPE A
< 2012-06-08 12:19:54.875 200 Type set to A
> 2012-06-08 12:19:54.875 PASV
< 2012-06-08 12:19:54.938 227 Entering Passive Mode (192,168,1,80,78,187)
> 2012-06-08 12:19:54.938 MLSD
< 2012-06-08 12:20:05.907 425 Can't open data connection.
> 2012-06-08 12:20:05.907 SIZE EULA.txt
< 2012-06-08 12:20:05.969 550 File not found
> 2012-06-08 12:20:05.969 MDTM EULA.txt
< 2012-06-08 12:20:06.032 550 File not found
> 2012-06-08 12:20:06.032 TYPE I
< 2012-06-08 12:20:06.094 200 Type set to I
> 2012-06-08 12:20:06.094 PASV
< 2012-06-08 12:20:06.157 227 Entering Passive Mode (192,168,1,80,78,188)
> 2012-06-08 12:20:06.157 STOR EULA.txt
< 2012-06-08 12:20:17.063 425 Can't open data connection.
. 2012-06-08 12:20:17.063 Copying files to remote side failed.
* 2012-06-08 12:20:17.063 (ExtException) Copying files to remote side failed.
* 2012-06-08 12:20:17.063 Can't open data connection.
. 2012-06-08 12:20:17.063 Asking user:
. 2012-06-08 12:20:17.063 Error transferring file 'c:\Documents and Settings\Greg.Goeveryware\My Documents\EULA.txt'. ("Copying files to remote side failed.","Can't open data connection.")
* 2012-06-08 12:20:17.063 (EScpSkipFile) Error transferring file 'c:\Documents and Settings\Greg.Goeveryware\My Documents\EULA.txt'.
* 2012-06-08 12:20:17.063 Copying files to remote side failed.
* 2012-06-08 12:20:17.063 Can't open data connection.
. 2012-06-08 12:20:17.063 Script: Failed
> 2012-06-08 12:20:17.204 Script: exit
. 2012-06-08 12:20:17.204 Disconnected from server
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24555
Location: Prague, Czechia
SessionOptions.AddRawSettings("FtpForcePasvIp", "1")
http://winscp.net/eng/docs/library_sessionoptions
_________________
Martin Prikryl
sangeethu
[View user's profile]

Joined: 2012-06-06
Posts: 4
Location: Detroit
Thanks a lot Martin. Is there any way I can obtain SSL Certificate automatically from FTPS Connection, instead of assigning it specifically in SessionOptions Constructor.
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24555
Location: Prague, Czechia
Following FAQ is about SSH host key, but it actually applies to SSL certificate to. Basically you do not want do this!
https://winscp.net/eng/docs/faq_hostkey
With SSL certificate, you have an additional option, to back up the certificate by certificte authority.
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License