Topic "TLS certificate Issuer and Subject are mixed up"

Author Message
/usr/local/dick
[View user's profile]

Joined: 2013-01-11
Posts: 1
Location: Amsterdam
Hi guys

I am trying to connect to our Pure-FTPD server (Ubuntu 8.04 LTS 32-bit, pure-ftpd-postgresql 1.0.21-11.1ubuntu2).
This server is configured to do TLS.
Upon connecting, I get a certificate warning. The issue is not with the fact that there is a warning, it is about the content of the warning.
The warning message seems to mix up the certificate Issuer and the certificate Subject.
Don't get fooled by the names, in this case the "Organization" of both the subject and issuer are the same.

This is Winscp-5.1.3 on a clean Windows 7 64-bit VM.

Attached is a screendump, some OpenSSL debugging, and the X509 key material.
winscp_issuer_subject_mixup.PNG (153.32 KB)

Description: Screendump of warning message from WinSCP, with mixed up Issuer and Subject

winscp_issuer_subject_mixup.PNG

pure-ftpd.pem.txt (6.72 KB) [Download]

Description: X509 PEM file as used by Pure-FTPD server.

ftp.log.txt (4.75 KB) [Download]

Description: Ouput of OpenSSL command:

echo QUIT | openssl s_client -CAfile /etc/ssl/certs/ca-certificates.crt -starttls ftp -connect www.terena.org:21

You can check this yourself as this is a public system.

martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
Thanks for your report.

This bug has been added to the tracker:
http://winscp.net/tracker/show_bug.cgi?id=967
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License