Hi,
I'm new to WinSCP, trying to automate file copy using FTPS and replacing a FileZilla client I'm using manually right now.
I have the same issue in GUI and script.
Target FTP is a Synology. Error is :
SSL3 alert read: fatal: unknown CA
TLS connect: error in error
Can't establish TLS connection
Can't establish TLS connection
Connection failed.
1/ From GUI
1.png
2 / From PowerShell code it's the same. (I've uploaded the log file)
try
{
# Load WinSCP .NET assembly
Add-Type -Path "C:\Scripts\WinSCP-5.17.6-Automation\WinSCPnet.dll"
# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
Protocol = [WinSCP.Protocol]::Ftp
FtpMode = [WinSCP.FtpMode]::Passive
HostName = "MyFQDN"
UserName = "myUserName"
Password = "Mypassword"
FtpSecure = [WinSCP.FtpSecure]::Explicit
TlsClientCertificatePath = "C:\Scripts\certificate.pfx"
TlsHostCertificateFingerprint = "xx:xx:xx:xx:xx:xx:xx:xx:xx"
PrivateKeyPassphrase = "xxx"
}
$session = New-Object WinSCP.Session
try
{
$session.SessionLogPath = "C:\Scripts\WinSCP_NET.log"
# Connect
$session.Open($sessionOptions)
# Get list of matching files in the directory
$files =
$session.EnumerateRemoteFiles(
$remotePath, $wildcard, [WinSCP.EnumerationOptions]::None)
# Any file matched?
if ($files.Count -gt 0)
{
foreach ($fileInfo in $files)
{
Write-Host ("$($fileInfo.Name) with size $($fileInfo.Length), " +
"permissions $($fileInfo.FilePermissions) and " +
"last modification at $($fileInfo.LastWriteTime)")
}
}
else
{
Write-Host "No files matching $wildcard found"
}
}
finally
{
# Disconnect, clean up
$session.Dispose()
}
exit 0
}
catch
{
Write-Host "Error: $($_.Exception.Message)"
exit 1
}
Reference I've checked :
Troubleshooting Connection Issues:
https://winscp.net/eng/docs/troubleshooting#connection
https://winscp.net/eng/docs/tls and
https://winscp.net/eng/docs/guide_connect
It's seems that I'm missing trusted root CA si i've added Root and intermediate CA certificates to my Synololy and the client server - Both Server certificate and Client certificate are delivered from Public CA.
Result was still the same error message so
3/ I have also tried WINSCP command line
PS C:\Scripts> & "C:\program files (x86)\winscp\winscp.com" /command `"option batch abort`" `"option confirm off`" `"open ftpes://UserName:MySecret@test.mycompany.com -passive=on -certificate='"xx:xx:xx:xx:xx:xx:xx:xx:"' -clientcert="C:\Scripts\cert.pfx" -passphrase="MySecret" -rawsettings FtpForcePasvIp=1 portnumber=21`" `"dir`" `"exit`"
Result is still
La connexion a échouée.
SSL3 alert read: fatal: unknown CA
TLS connect: error in error
Connexion SSL impossible à établir
Déconnecté du serveur
La connexion a échouée.
Thanks for your help