Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: the server's certificate is not known.

@krgan2022: Please start by upgrading to the latest version of WinSCP. If that does not help, please post session log file.
krgan2022

the server's certificate is not known.

Hi ,

I am not able to send the files to AWS S3 bucket.

Error:
the server's certificate is not known. you have no guarantee that the server is the computer you think it is

WinSCP version 5.13

Please check and help me how to fix this issue or root cause of this issue.

Regards, Krishna
Guest

solved

I set Debuglevel to 2 an got following message:
. 2018-10-12 08:01:21.895 Certificate failed to verify against Windows certificate store: Error: 80092013, Chain index: 0, Element index: 0

So I think the problem is the certificate revocation check of Windows. Windows has no internet-Access in this Scenario, so the CA cannot be checked for revocations of the Cert.
martin

Re: Windows Certificate Store not checked - WinSCP 5.13

Can you send me an email, so I can send you back a debug version of WinSCP to track the problem? Please include link back to this topic in your email. Also note in this topic that you have sent the email. Thanks.

You will find my address (if you log in) in my forum profile.
Guest

Re: Windows Certificate Store not checked - WinSCP 5.13

martin wrote:

Can you provide us a hostname of your server, so that we can test it?

Hello Martin,
thank you for your Reply. I get this message in General, Independent of the Server I choose. For example: I also get this message on Server winscp.net on port 443.

The Code Looks as follows.
"C:\Program Files (x86)\WinSCP\WinSCP.com" ^

  /log="C:\..\log\WinSCP.log" /ini=nul ^
  /command ^
    "open davs://winscp.net/ -rawsettings ProxyMethod=3 ProxyHost=""10.1.2.3"" ProxyPort=3128" ^
....
...
"close" ^
exit
martin

Re: Windows Certificate Store not checked - WinSCP 5.13

Can you provide us a hostname of your server, so that we can test it?
Guest

Windows Certificate Store not checked - WinSCP 5.13

Hello everyone,
when I want to establish a connection to a WebDAVs-Server I get the message "Certificate not trusted / Dem Zertifikat wird nicht vertraut." The Root-CA and the Intermediate-CA of the certificate is stored in the Windows Certificate Store. So it looks like the Windows Cert. Store has not been checked. How can I provide the Root-CA to WinSCP?

. 2018-09-24 17:25:51.867 Die Details des Serverzertifikats folgen:

. 2018-09-24 17:25:51.867
. 2018-09-24 17:25:51.867 Herausgeber:
. 2018-09-24 17:25:51.867 Let's Encrypt, US
. 2018-09-24 17:25:51.867
. 2018-09-24 17:25:51.867 Betreff:
. 2018-09-24 17:25:51.867 xxxxServerxxxx
. 2018-09-24 17:25:51.867
. 2018-09-24 17:25:51.867 Gültig: 17.07.2018 03:29:05 - 15.10.2018 03:29:05
. 2018-09-24 17:25:51.867
. 2018-09-24 17:25:51.867 Fingerabdruck (SHA1): xxxxxxxxxxxxxxx
. 2018-09-24 17:25:51.867
. 2018-09-24 17:25:51.867 Zusammenfassung: Dem Zertifikat wird nicht vertraut.
. 2018-09-24 17:25:51.867
. 2018-09-24 17:25:51.867 Wenn Sie diesem Zertifikat vertrauen, drücken Sie Ja. Um die Verbindung herzustellen, ohne das Zertifikat zu speichern, drücken Sie Nein. Um die Verbindung abzubrechen, drücken Sie Abbrechen.
. 2018-09-24 17:25:51.867
. 2018-09-24 17:25:51.867 Verbindung aufbauen und Zertifikat speichern? ()
. 2018-09-24 17:26:04.345 SSL certificate checks failed: Server certificate verification failed: issuer is not trusted
. 2018-09-24 17:26:04.345 sess: Closing connection.
. 2018-09-24 17:26:04.345 sess: Connection closed.