Topic "TLS setting enables WinSCP to work with Windows IIS again"

Author Message
whereisaaron
[View user's profile]

Joined: 2013-10-19
Posts: 2
Location: Boston, MA
Earlier this year a security update to Windows Server changed the way cipher negotiation for FTP with TLS works. The change was made for an HTTPS vulnerability, but it affected FTP TLS also.

After that, clients like WinSCP and Filezilla and clients that use the GNU SSL library stopped working with Windows Server IIS FTP+TLS. WinSCP will connect and display directory listings, but file transfers abort with the message:

"Copying files to remote side failed. The supplied message is incomplete. The signature was not verified."

Users have reported this problem but AFAIK the incompatibility is still not fixed. The client/library writers blame Microsoft for breaking TLS. Microsoft, as per normal with standards, either doesn't care or will take 5-10 years to get around to fix. A client workaround would be nice, but the Filezilla maintainer has had multiple tantrums over it in the forums Sad

The good news is WinSCP 5.2.4 beta enables a workaround. The new TLS/SSL site options let you set the maximum version to 'TLS 1.0', and this acts as a workaround for the problem. WinSCP can be used with Windows Server IIS for FTP + TLS again!!

This would be good to document somewhere.
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25034
Location: Prague, Czechia
Thanks for sharing this. I'll include it into documentation.
_________________
Martin Prikryl
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25034
Location: Prague, Czechia
I was testing this only to find that IIS does not support TLS 1.1 and TLS 1.2 by default. One has to enable this in registry (<invalid hyperlink removed by admin>). They probably know why they do not enable this by default...
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License