Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Username

Subject

Message body

Font colour:

Font size:

[quote="loglady"][b]Version:[/b] 5.17
[b]Last known good:[/b] 5.15.9
[b]Windows Version:[/b] Windows 10 Pro 1909/18363.657
[b]Transfer Protocol[/b]: FTP + Explicit TLS
[b]Scripting/GUI[/b]: GUI

After updating from 5.15.9 to 5.17, one of my FTP connections has not been able to connect. It fails with the error message:
[code]Server asks for authentication with a client certificate.
Could not retrieve directory listing
MLSD: Operation not permitted[/code]

The server in question is a ProFTPD 1.3.5e server with [b]TLSVerifyClient[/b] set to [b]off[/b]. After further investigation, it seems like this behavior is only encountered when [b]TLS 1.3[/b] is used for the connection. After forcing max. TLS version to [b]1.2[/b] in the advanced connection tab, the connection attempt succeeds and the client is able to read the remote directory.
I attached two redacted sessions logs for both the unsuccessful and successful connection attempt. I can also provide further information about server & client config if needed.[/quote]

Options

Disable BBCode in this post

Notify me when a reply is posted (registered users only)

Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

Filename

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

File Comment

Options

Private file (available to author and site moderators only)

Topic review

martin

Re: [5.17] Client certificate is wrongfully requested when using TLS 1.3 for FTP over TLS connection

2020-03-02

This issue has been added to the tracker:
https://winscp.net/tracker/1831

martin

Re: [5.17] Client certificate is wrongfully requested when using TLS 1.3 for FTP over TLS connection

2020-02-27

Thanks for your report. I'm sending you an email to the address you have used to register on this forum.

loglady

[5.17] Client certificate is wrongfully requested when using TLS 1.3 for FTP over TLS connection

2020-02-26 11:36

Version: 5.17
Last known good: 5.15.9
Windows Version: Windows 10 Pro 1909/18363.657
Transfer Protocol: FTP + Explicit TLS
Scripting/GUI: GUI

After updating from 5.15.9 to 5.17, one of my FTP connections has not been able to connect. It fails with the error message:

Server asks for authentication with a client certificate.

Could not retrieve directory listing

MLSD: Operation not permitted

The server in question is a ProFTPD 1.3.5e server with TLSVerifyClient set to off. After further investigation, it seems like this behavior is only encountered when TLS 1.3 is used for the connection. After forcing max. TLS version to 1.2 in the advanced connection tab, the connection attempt succeeds and the client is able to read the remote directory.
I attached two redacted sessions logs for both the unsuccessful and successful connection attempt. I can also provide further information about server & client config if needed.

Post a reply

Topic review

Re: [5.17] Client certificate is wrongfully requested when using TLS 1.3 for FTP over TLS connection

Re: [5.17] Client certificate is wrongfully requested when using TLS 1.3 for FTP over TLS connection

[5.17] Client certificate is wrongfully requested when using TLS 1.3 for FTP over TLS connection

Documentation

Support

Associations

Follow Us