Post a reply

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: Peer certificate rejected

Tanveer_Munavar wrote:

#$sessionOptions.SshHostKeyFingerprint = "FTP server does not have a finger print"

With FTPS, you need to use SessionOptions.TlsHostCertificateFingerprint:
https://winscp.net/eng/docs/library_sessionoptions
Tanveer_Munavar

Peer certificate rejected

. 2014-09-04 11:32:02.895 Connecting to aft.XXX.com:990 ...

. 2014-09-04 11:32:03.015 Connected with aft.XXX.com:990, negotiating TLS connection...
. 2014-09-04 11:32:03.255 Verifying certificate for "WW00057P.XXXXXX.com" with fingerprint XXXX:7b and 18 failures
. 2014-09-04 11:32:33.265 Asking user:
. 2014-09-04 11:32:33.265 **The server's certificate is not known. You have no guarantee that the server is the computer you think it is.**
. 2014-09-04 11:32:33.265
. 2014-09-04 11:32:33.265 Server's certificate details follow:
. 2014-09-04 11:32:33.265
. 2014-09-04 11:32:33.265 Issuer:
. 2014-09-04 11:32:33.265 - Organization: WW00057P.XXXX.com, WW00057P.XXX.com, WW00057P.XXX.com, admin@W
. 2014-09-04 11:32:33.275 - Location: US, US, WW00057P.oneabbott.com
. 2014-09-04 11:32:33.275
. 2014-09-04 11:32:33.275 Subject:
. 2014-09-04 11:32:33.275 - Organization: WW00057P.XXX.com, WW00057P.oneabbott.com, WW00057P.XXX.com, admin@W
. 2014-09-04 11:32:33.275 - Location: US, US, WW00057P.XXXX.com
. 2014-09-04 11:32:33.275
. 2014-09-04 11:32:33.275 Valid: 5/14/2010 6:44:23 PM - 5/14/2011 11:44:19 PM
. 2014-09-04 11:32:33.275
. 2014-09-04 11:32:33.275 Fingerprint (SHA1): XXXXXXXXXXX
. 2014-09-04 11:32:33.275
. 2014-09-04 11:32:33.275 Summary: Self signed certificate. The error occurred at a depth of 1 in the certificate chain.
. 2014-09-04 11:32:33.275
. 2014-09-04 11:32:33.275 Certificate was not issued for this server. You might be connecting to a server that is pretending to be "aft.oneabbott.com".
. 2014-09-04 11:32:33.275
. 2014-09-04 11:32:33.275 If you trust this certificate, press Yes. To connect without storing certificate, press No. To abandon the connection press Cancel.
. 2014-09-04 11:32:33.275
. 2014-09-04 11:32:33.275 Continue connecting and store the certificate? ()
. 2014-09-04 11:32:33.275 Peer certificate rejected
. 2014-09-04 11:32:33.275 Disconnected from server



Im using winscp 5.6.1 (beta) | Windows 2008 R2 | Powershell V3

FTP server does not have a finger print

    #Load WinSCP .NET assembly 

    [Reflection.Assembly]::LoadFrom("C:\Program Files (x86)\WinSCP\WinSCPnet.dll") | Out-Null
    $now = Get-Date
    write-host "`nwinscp assemly is loaded successfully --- $now `n"

    # Setup session options
    $sessionOptions = New-Object WinSCP.SessionOptions
    $sessionOptions.Protocol = [WinSCP.Protocol]::ftp
    #$sessionOptions.FtpMode = [WinSCP.FtpMode]::Passive
    $sessionOptions.FtpSecure = [WinSCP.FtpSecure]::Implicit
    $sessionOptions.HostName = "aft.XXXXX.com"
    $sessionOptions.UserName = "adcbiarvtp"
    #$sessionOptions.PortNumber = "21"
    $sessionOptions.password = "Spring!14"
    #$sessionOptions.SshHostKeyFingerprint = "FTP server does not have a finger print"
 
    $now = Get-Date
    write-host "setting up new session --- $now `n"
   
    $session = New-Object WinSCP.Session
    $Session.SessionLogPath = “E:\Scripts\Logs\test.txt"
    #Connect to the FTP server
    $session.Open($sessionOptions)
martin

Re: Problem accepting certificate automatically

That should be OK. But anyway, please upgrade and post a log file.
heimdall2013

Re: Problem accepting certificate automatically

I am using:

WinSCP Version 4.2.5 (Build 624) could the version be the reason of the problem?

Thanks

martin wrote:

What version of WinSCP are you using? Make sure you have the latest (stable) one.
martin

Re: Problem accepting certificate automatically

What version of WinSCP are you using? Make sure you have the latest (stable) one.
heimdall2013

Problem accepting certificate automatically

I am exeucuting a script which executes the following command:

> C:\"program files"\winscp\winscp.exe /ini="D:/Conf.ini" /console /log="D:\Log.log" /command "open ftps://user:pass@SERVER.COM -passive -certificate=""xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx""""" "option transfer binary""" "option confirm off""" "cd """ "put D:\*.*""" "exit"""

And my log shows the following prompt which I can't answer since I am executing it from a script:

> Continue connecting and store the certificate? ()

I have accepted manually, but when running the script it keeps showing the question.

Do any of you know how could I accept this from the command? I have added the -certificate (with the fingerprint shown in the log) to my command and still can't make it work

This is what my log shows

> Connecting to XXX.XXX.XXX.XXX:XXX ...
> Connected with XXX.XXX.XXX.XXX:XXX, negotiating SSL connection...
> Asking user:
> The server's certificate is not known. You have no guarantee that the server is the computer you think it is. Server's certificate details follow:
>
> Issuer:
> - Organization: XXXXXXXXXX
> - Location: XXXXXXXXXX
>
> Subject:
> - Organization: XXXXXXXXXX
> - Location: XXXXXXXXX
>
> Valid: 7/26/2011 12:00:00 AM - 7/27/2012 11:59:59 PM
>
> Fingerprint (SHA1): xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
>
> Summary: Self signed certificate in certificate chain. The error occured at a depth of 3 in the certificate chain.
>
> If you trust this certificate, press Yes. To connect without storing certificate, press No. To abandon the connection press Cancel.
>
> Continue connecting and store the certificate? ()