Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: Using TLS with sessionurl

Just remove the sha1- part. For example:
ftpes://username:password;fingerprint=90:1a:bd:7a:bb:0d:0f:44:3d:bd:f0:2e:c6:4d:bb:b6:f9:58:f5:2d@example.com/
AndersRisager

Re: Using TLS with sessionurl

Thx for the fast reply. I will be looking forward to the dev version ; )

I tried to add the fingerprint like this, but I guess the syntax is wrong then:
$sessionUrl = "ftpes://[Username]:[Password];fingerprint=sha1-[Thumbprint]@[FtpDomain]"

It gives me this error:
SSH host key fingerprint "sha1-[Thumbprint]" does not match pattern /((ssh-rsa|ssh-dss|ssh-ed25519|ecdsa-sha2-nistp(256|384|521))( |-))?(\d+ )?(([0-9a-f]{2}(:|-)){
15}[0-9a-f]{2}|[0-9a-zA-Z+/]{43}=)(;((ssh-rsa|ssh-dss|ssh-ed25519|ecdsa-sha2-nistp(256|384|521))( |-))?(\d+ )?(([0-9a-f]{2}(:|-)){15}[0-9a-f]{2}|[0-9a-zA-Z+/]{43}=))*/

I can see that sha1 is not part of this list ssh-rsa|ssh-dss|ssh-ed25519|ecdsa-sha2-nistp, but have tried those as well.

I could not find clues about this problem in the sessionUrl documentation.
martin

Re: Using TLS with sessionurl

TLS/SSL certificate fingerprint can be provided the same way as SSH host key fingerprints.

The next version of WinSCP will even allow you to generate the URL with the fingerprint.
https://winscp.net/tracker/1646

I'm sending you an email with a development version of WinSCP to the address you have used to register on this forum.
AndersRisager

Using TLS with sessionurl

I am trying to use the the powershell script supplied here which makes it possible to have uploads in parallel. This will boost performance in my scenario by a mile, because i upload about 3000 files.
https://stackoverflow.com/questions/46822798/how-can-i-concurrently-upload-files-using-the-winscpnet-dll

My problem is that the host uses TLS and not sftp, and it seems the sessionurl does not support the tls thumbprint. The fingerprint is only for sftp.

If i connect without the hosts certificate thumbprint, it will give me the error "Peer certificate rejected". I can connect without using tls, but i prefer tls.

Is it possible to execute the batches in some other way than using sessionUrl or can the tls thumbprint be applied in some other way?