Forum » Scripting / Automation »

Post a reply

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: Connection Failure to Certificate

I'm not sure I understand your response.
So is the problem solved or not? If not, please post logs with the certificate fingerprints NOT masked out (it's NOT sensitive information).
Hospital

Re: Connection Failure to Certificate

HI,

Thank you for your help.
The code and the value for the certificate was generated as mentioned.
martin

Re: Connection Failure to Certificate

The value in -certificate switch probably does not match the actual certificate. We cannot help you further, as you have masked out all certificate information in the log.
Generating the open code after connecting with GUI should give you correct value:
https://winscp.net/eng/docs/ui_generateurl#script
Hospital

Connection Failure to Certificate

Hi,

I am trying to connect to our server using a script file but unsuccessful. When connecting thru the program and manually accepting the certificate, it works. Appreciate any help.

Log file: 
. 2022-12-06 12:42:13.542 --------------------------------------------------------------------------
. 2022-12-06 12:42:13.542 WinSCP Version 5.21.6 (Build 12913 2022-11-28) (OS 10.0.17763 - Windows Server 2019 Datacenter)
. 2022-12-06 12:42:13.542 Configuration: nul
. 2022-12-06 12:42:13.542 Log level: Normal
. 2022-12-06 12:42:13.542 Local account: XXX\SQL_ExecJobs
. 2022-12-06 12:42:13.542 Working directory: C:\Windows\system32
. 2022-12-06 12:42:13.542 Process ID: 11960
. 2022-12-06 12:42:13.557 Ancestor processes: ISServerExec, ...
. 2022-12-06 12:42:13.557 Command-line: "C:\Program Files (x86)\WinSCP\WinSCP.exe" /ini=nul /script="D:\XXX\YYY\ScriptFiles\XXX.txt" /log="D:\XXX\YYY\LogFiles\XXX.txt" 
. 2022-12-06 12:42:13.557 Time zone: Current: GMT-5, Standard: GMT-5 (Eastern Standard Time), DST: GMT-4 (Eastern Daylight Time), DST Start: 2022-03-13, DST End: 2022-11-06
. 2022-12-06 12:42:13.557 Login time: December 6, 2022 12:42:13 PM
. 2022-12-06 12:42:13.557 --------------------------------------------------------------------------
. 2022-12-06 12:42:13.557 Script: Retrospectively logging previous script records:
> 2022-12-06 12:42:13.557 Script: option batch abort
< 2022-12-06 12:42:13.557 Script: batch           abort     
> 2022-12-06 12:42:13.557 Script: option confirm off
< 2022-12-06 12:42:13.557 Script: confirm         off       
> 2022-12-06 12:42:13.557 Script: open ftps://XXX:***@FTPNAME/ -certificate="XXX"
. 2022-12-06 12:42:13.557 --------------------------------------------------------------------------
. 2022-12-06 12:42:13.557 Session name: XXX@FTPNAME (Ad-Hoc site)
. 2022-12-06 12:42:13.557 Host name: FTPNAME (Port: 990)
. 2022-12-06 12:42:13.557 User name: XXX (Password: Yes, Key file: No, Passphrase: No)
. 2022-12-06 12:42:13.557 Transfer Protocol: FTP
. 2022-12-06 12:42:13.557 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec
. 2022-12-06 12:42:13.557 Disable Nagle: No
. 2022-12-06 12:42:13.557 Proxy: None
. 2022-12-06 12:42:13.557 Send buffer: 262144
. 2022-12-06 12:42:13.557 UTF: Auto
. 2022-12-06 12:42:13.557 FTPS: Implicit TLS/SSL [Client certificate: No]
. 2022-12-06 12:42:13.557 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto
. 2022-12-06 12:42:13.557 Session reuse: Yes
. 2022-12-06 12:42:13.557 TLS/SSL versions: TLSv1.0-TLSv1.3
. 2022-12-06 12:42:13.557 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2022-12-06 12:42:13.557 Cache directory changes: Yes, Permanent: Yes
. 2022-12-06 12:42:13.557 Recycle bin: Delete to: No, Overwritten to: No, Bin path: 
. 2022-12-06 12:42:13.557 Timezone offset: 0h 0m
. 2022-12-06 12:42:13.557 --------------------------------------------------------------------------
< 2022-12-06 12:42:13.573 Script: Connecting to FTPNAME:990 ...
. 2022-12-06 12:42:13.573 Connecting to FTPNAME:990 ...
. 2022-12-06 12:42:13.573 Connected with FTPNAME:990, negotiating TLS connection...
. 2022-12-06 12:42:13.620 Verifying certificate for "XXX" with fingerprint XXX and 18 failures
. 2022-12-06 12:42:13.620 Asking user:
. 2022-12-06 12:42:13.620 **The server's certificate is not known. You have no guarantee that the server is the computer you think it is.**
. 2022-12-06 12:42:13.620 
. 2022-12-06 12:42:13.620 Server's certificate details follow:
. 2022-12-06 12:42:13.620 
. 2022-12-06 12:42:13.620 Issuer:
. 2022-12-06 12:42:13.620 - Organization: XXX, I.T., certificate1, informationtechnology@XXX.com
. 2022-12-06 12:42:13.620 - Location: CA, ON, Toronto
. 2022-12-06 12:42:13.620 
. 2022-12-06 12:42:13.620 Subject:
. 2022-12-06 12:42:13.620 - Organization: XXX, I.T., certificate1, informationtechnology@XXX.com
. 2022-12-06 12:42:13.620 - Location: CA, ON, Toronto
. 2022-12-06 12:42:13.620 
. 2022-12-06 12:42:13.620 Valid: 2022-07-12 2:39:20 PM - 2023-07-12 2:39:20 PM
. 2022-12-06 12:42:13.620 
. 2022-12-06 12:42:13.620 Fingerprints:
. 2022-12-06 12:42:13.620 - SHA-256: XXX
. 2022-12-06 12:42:13.620 - SHA-1: XXX
. 2022-12-06 12:42:13.620 
. 2022-12-06 12:42:13.620 Summary: Self-signed certificate. The error occurred at a depth of 1 in the certificate chain.
. 2022-12-06 12:42:13.620 
. 2022-12-06 12:42:13.620 Certificate was not issued for this server. You might be connecting to a server that is pretending to be "FTPNAME".
. 2022-12-06 12:42:13.620 
. 2022-12-06 12:42:13.620 If you trust this certificate, press Yes. To connect without storing certificate, press No. To abandon the connection press Cancel.
. 2022-12-06 12:42:13.620 
. 2022-12-06 12:42:13.620 Continue connecting and store the certificate? ()
< 2022-12-06 12:42:13.620 Script: The server's certificate is not known. You have no guarantee that the server is the computer you think it is.
< 2022-12-06 12:42:13.620 Server's certificate details follow:
< 2022-12-06 12:42:13.620 Issuer:
< 2022-12-06 12:42:13.620 - Organization: XXX, I.T., certificate1, informationtechnology@XXX.com
< 2022-12-06 12:42:13.620 - Location: CA, ON, Toronto
< 2022-12-06 12:42:13.620 Subject:
< 2022-12-06 12:42:13.620 - Organization: XXX, I.T., certificate1, informationtechnology@XXX.com
< 2022-12-06 12:42:13.620 - Location: CA, ON, Toronto
< 2022-12-06 12:42:13.620 Valid: 2022-07-12 2:39:20 PM - 2023-07-12 2:39:20 PM
< 2022-12-06 12:42:13.620 Fingerprints:
< 2022-12-06 12:42:13.620 - SHA-256: XXX
< 2022-12-06 12:42:13.620 - SHA-1: XXX
< 2022-12-06 12:42:13.620 Summary: Self-signed certificate. The error occurred at a depth of 1 in the certificate chain.
< 2022-12-06 12:42:13.620 Certificate was not issued for this server. You might be connecting to a server that is pretending to be "FTPNAME".
< 2022-12-06 12:42:13.620 If you trust this certificate, press Yes. To connect without storing certificate, press No. To abandon the connection press Cancel.
< 2022-12-06 12:42:13.620 Continue connecting and store the certificate?
. 2022-12-06 12:42:23.625 Answer: Cancel
. 2022-12-06 12:42:23.625 Peer certificate rejected
. 2022-12-06 12:42:23.625 Disconnected from server
. 2022-12-06 12:42:23.625 Connection failed.
< 2022-12-06 12:42:23.625 Script: Connection failed.
< 2022-12-06 12:42:23.625 Peer certificate rejected
 
< 2022-12-06 12:42:23.625 Disconnected from server
 
< 2022-12-06 12:42:23.625 Connection failed.

Documentation

Support

Associations

Follow Us