Duplicate post:
https://winscp.net/forum/viewtopic.php?t=15872
https://winscp.net/forum/viewtopic.php?t=15872
- martin
Post a reply
Before posting, please read how to report bug or request support effectively.
Bug reports without an attached log file are usually useless.
Topic review
- lukas
Hello Martin,
we are using .NET assembly in our software.
The end FTPS server uses certificate, which is signed by certification authority.
The certification authority certificate is stored in "Trusted Root Certification Authorities" at computer, which is communicating with FTP server.
If we specify certificate fingerprint of the FTP server in TlsHostCertificateFingerprint, everything works.
But if we don't, no transfer is proceeded and we get "Connection failed." error message.
We want the certificate to be authenticated against the certification authority, so at every change of end FTP certificate we wouldn't need to change the certificate fingerprint of FTP server in our program settings.
More details:
WinSCP version: 5.7.5.5665
Windows version: Windows Server 2012 Standard 64bit
Protocol: FTPS, TLS, FTPSecure.Explicit
Using: .NET assembly
Error message in log:
Connection failed.
Stack Trace:
at WinSCP.SessionLogReader.Read(LogReadFlags flags)
at WinSCP.SessionElementLogReader.Read(LogReadFlags flags)
at WinSCP.CustomLogReader.WaitForNonEmptyElementAndCreateLogReader(String localName, LogReadFlags flags)
at WinSCP.Session.Open(SessionOptions sessionOptions)
at SPCopyToFTP.CopyFtp.TransferFilesToFtp()
at SPCopyToFTP.Program.Main(String[] args)
Thanks for the reply.
Lukas
we are using .NET assembly in our software.
The end FTPS server uses certificate, which is signed by certification authority.
The certification authority certificate is stored in "Trusted Root Certification Authorities" at computer, which is communicating with FTP server.
If we specify certificate fingerprint of the FTP server in TlsHostCertificateFingerprint, everything works.
But if we don't, no transfer is proceeded and we get "Connection failed." error message.
We want the certificate to be authenticated against the certification authority, so at every change of end FTP certificate we wouldn't need to change the certificate fingerprint of FTP server in our program settings.
More details:
WinSCP version: 5.7.5.5665
Windows version: Windows Server 2012 Standard 64bit
Protocol: FTPS, TLS, FTPSecure.Explicit
Using: .NET assembly
Error message in log:
Connection failed.
Stack Trace:
at WinSCP.SessionLogReader.Read(LogReadFlags flags)
at WinSCP.SessionElementLogReader.Read(LogReadFlags flags)
at WinSCP.CustomLogReader.WaitForNonEmptyElementAndCreateLogReader(String localName, LogReadFlags flags)
at WinSCP.Session.Open(SessionOptions sessionOptions)
at SPCopyToFTP.CopyFtp.TransferFilesToFtp()
at SPCopyToFTP.Program.Main(String[] args)
Thanks for the reply.
Lukas
- martin
Re: Implicit encryption question
Since 5.2.5, WinSCP automatically accepts certificates signed by a trusted authority:
https://winscp.net/tracker/1063
If you need to copy the key, use Full Certificate button on Server and Protocol Information dialog
https://winscp.net/eng/docs/ui_fsinfo
https://winscp.net/tracker/1063
If you need to copy the key, use Full Certificate button on Server and Protocol Information dialog
https://winscp.net/eng/docs/ui_fsinfo
- JL-EMC
Implicit encryption question
Issue is with version 5.5.4
Will work on version 5.0.7
OS - Old version W2K3, new version W2K8
Protocol - FTP
GUI or script? - GUI
Error message - none
Description of problem: After upgrade to 5.5.4, whenever we use TLS/SSL Implicit encryption, we do NOT get the message that notifies us of an unknown certificate and do not have the option of copying the key like we did on version 5.0.7. Is this being accepted and stored automatically? Is this expected behavior?
Thanks in advance!
Will work on version 5.0.7
OS - Old version W2K3, new version W2K8
Protocol - FTP
GUI or script? - GUI
Error message - none
Description of problem: After upgrade to 5.5.4, whenever we use TLS/SSL Implicit encryption, we do NOT get the message that notifies us of an unknown certificate and do not have the option of copying the key like we did on version 5.0.7. Is this being accepted and stored automatically? Is this expected behavior?
Thanks in advance!