I have a certificate on my server through a public CA. When connecting to my server via FTP over SSL, I get the warning box "The server's certificate is not known...". It does show the correct Organization information but this still shows up. The message further states "Summary: Unable to get local issuer certificate. The error occurred at a depth of 2 in the certificate chain.".
Is there a way to configure either WinSCP or the certificate on the server side so that the certificate is accepted without this prompt? I have clients that see that box and it raises a red flag to them as a possible security flaw.
In researching, a site admin for the FileZilla client said that FileZilla will always prompt even when it is a public certificate. I get a very similar message when testing with FileZilla.
The certificate I'm using is from trusted root CA - yes.
In other words if I used the same cert on a web site instead of an FTPs site, going to that web page would show as trusted with the lock and the cert ID and all that and wouldn't issue any prompts such as 'not known' - and it would work that way on all platforms not just Windows. The same way you go to any SSL site for a bank or a merchant without being prompted (unless of course the cert was not from a trusted CA or wrong name or expired or something obviously).