Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

Howard123

Nevermind I found what the problem was...There was a special character in the password...
I managed to fix this by adding single quote in front of the special character :)
Howard123

TlsHostCertificateFingerprint not working when called from Powershell script

Dear WinSCP support;

I'm trying to write a WinSCP/Powershell script to connect a FTP server (TLS Explicit with untrusted certificate)

I have no problem to manually connect to this FTP server using the WinSCP graphical interface.
Here is the automatically generated Powershell code from WinSCP "Generate session URL/code" tool :

# Load WinSCP .NET assembly

Add-Type -Path "WinSCPnet.dll"

# Set up session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
    Protocol = [WinSCP.Protocol]::Ftp
    HostName = "xxx.xxx.xxx.xxx"
    PortNumber = 21
    UserName = "xxxxxx"
    Password = "xxxxxx"
    FtpSecure = [WinSCP.FtpSecure]::Explicit
}

$session = New-Object WinSCP.Session

try
{
    # Connect
    $session.Open($sessionOptions)

    # Your code
}
finally
{
    $session.Dispose()
}


Since, this automatically generated code doesn't include the TLS Host Certificate, I get the following error message when I try to call it from a PS1 script :


Error: Connection failed.
Server asks for authentication with a client certificate.
Peer certificate rejected
Disconnected from server
Connection failed.



So I tried to include the certificate fingerprint into the script, by setting the
TlsHostCertificateFingerprint
parameter :



# Load WinSCP .NET assembly

Add-Type -Path "WinSCPnet.dll"

# Set up session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
    Protocol = [WinSCP.Protocol]::Ftp
    HostName = "xxx.xxx.xxx.xxx"
    PortNumber = 21
    UserName = "xxxxxx"
    Password = "xxxxxx"
    FtpSecure = [WinSCP.FtpSecure]::Explicit
    TlsHostCertificateFingerprint = "x:x:x:xx:x:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"
}

$session = New-Object WinSCP.Session

try
{
    # Connect
    $session.Open($sessionOptions)

    # Your code
}
finally
{
    $session.Dispose()
}



I'm 100% confident that my certificate fingerprint is correct since it is the one indicated in "Server and protocol information" when I'm connected via WinSCP graphical mode.

Unfortunately this doens't work, when I run the script it gives the error message :

Error: Authentication failed



As anyone experience the same problem?

Thanks in advance for your help

howard