Topic "TLS certificate Issuer and Subject are mixed up"

Author Message
[View user's profile]

Joined: 2013-01-11
Posts: 1
Location: Amsterdam
Hi guys

I am trying to connect to our Pure-FTPD server (Ubuntu 8.04 LTS 32-bit, pure-ftpd-postgresql 1.0.21-11.1ubuntu2).
This server is configured to do TLS.
Upon connecting, I get a certificate warning. The issue is not with the fact that there is a warning, it is about the content of the warning.
The warning message seems to mix up the certificate Issuer and the certificate Subject.
Don't get fooled by the names, in this case the "Organization" of both the subject and issuer are the same.

This is Winscp-5.1.3 on a clean Windows 7 64-bit VM.

Attached is a screendump, some OpenSSL debugging, and the X509 key material.
winscp_issuer_subject_mixup.PNG (153.32 KB)

Description: Screendump of warning message from WinSCP, with mixed up Issuer and Subject


pure-ftpd.pem.txt (6.72 KB) [Download]

Description: X509 PEM file as used by Pure-FTPD server.

ftp.log.txt (4.75 KB) [Download]

Description: Ouput of OpenSSL command:

echo QUIT | openssl s_client -CAfile /etc/ssl/certs/ca-certificates.crt -starttls ftp -connect

You can check this yourself as this is a public system.

[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26911
Location: Prague, Czechia
Thanks for your report.

This bug has been added to the tracker:

You can post new topics in this forum


What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!


About donations

$9   $19   $49   $99

About donations


WinSCP Privacy Policy

WinSCP License