FTPS Explicit TLS .NET Libarary

Advertisement

bgolfer66
Joined:
Posts:
6
Location:
United States

FTPS Explicit TLS .NET Libarary

Edit: Sorry, user error. I was not setting the SSLHostCertificateFingerPrint before connecting.

Sorry for the rogue posting.

John


Hello, I'm having an issue connecting to a FTPS site using Explicit TLS encryption through the .Net Library through Powershell.
This is a new problem and first time I've tried using FTPS with Explicit TLS. WHen I use the GUI interface, I am able to connect.
When I go through the powershell code, I get an unable to connect exception.
Here is my code:

    $winSCPathDLL = $global:appSettings["WinSCPDLL"]
    $winSCPDLLPath = $winSCPath + $winSCPathDLL
    [Reflection.Assembly]::LoadFrom($winSCPDLLPATH) #| Out-Null

   # Setup session options
   $sessionOptions = New-Object WinSCP.SessionOptions
   $sessionOptions.Protocol = [WinSCP.Protocol]::ftp
    $sessionOptions.FtpMode = [WinSCP.FtpMode]::passive
    $sessionOptions.FtpSecure = [WinSCP.FtpSecure]::explicittls
   $sessionOptions.HostName = $global:appSettings["FTPHost"]
   $sessionOptions.PortNumber = $global:appSettings["FTPPortNumber"]
   $sessionOptions.UserName = $global:appSettings["FTPUser"]
   $sessionOptions.Password = $global:appSettings["FTPPassword"]

   $session = New-Object WinSCP.Session

        $transferOptions = New-Object WinSCP.TransferOptions
        $transferOptions.TransferMode = [WinSCP.TransferMode]::Binary

   $session.Open($sessionOptions)  #<<< Exception throw here

When I load the assembly, I get this:
GAC Version Location
--- ------- --------
False v2.0.50727 D:\ServiceOrders\Script\WinSCP\WinSCPnet.dll

I downloaded the latest .Net DLL today, so I have version 5.5.1.0

The exception details I can get to :
Connection failed.
At D:\Script.ps1:167 char:3
+ $session.Open($sessionOptions)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], SessionRemoteException
+ FullyQualifiedErrorId : SessionRemoteException


I'm sure I must be missing something, but I am at a loss for finding it.

Thank you for the help.

John

Reply with quote

Advertisement

bgolfer66
Joined:
Posts:
6
Location:
United States

Re: Getting the same problem

Silku wrote:

John, have you got any solution for the above ? I am getting same problem.
Thanks.

I Did. The issue I was having was in setting the SslHostCertificateFingerprint print.
Here is my Powershell code for connecting.

I got the value for the finger print by connecting to the site using the gui,going to the commands menu and choosing "Server/Protocol info"
Hope this helps.

    # Load WinSCP .NET assembly
    # Use "winscp.dll" for the releases before the latest beta version.
    $winSCPath = $global:appSettings["WinSCPath"]
    $winSCPathDLL = $global:appSettings["WinSCPDLL"]
    $winSCPDLLPath = $winSCPath + $winSCPathDLL
    [Reflection.Assembly]::LoadFrom($winSCPDLLPATH) #| Out-Null

    # Setup session options
    $sessionOptions = New-Object WinSCP.SessionOptions
    $sessionOptions.Protocol = [WinSCP.Protocol]::ftp
    $sessionOptions.FtpMode = [WinSCP.FtpMode]::passive
    $sessionOptions.FtpSecure = [WinSCP.FtpSecure]::explicittls
    $sessionOptions.HostName = $global:appSettings["FTPHost"]
    $sessionOptions.PortNumber = $global:appSettings["FTPPortNumber"]
    $sessionOptions.UserName = $global:appSettings["FTPUser"]
    $sessionOptions.Password = $global:appSettings["FTPPassword"]
    $sessionOptions.SslHostCertificateFingerprint = $global:appSettings["FTPFingerPrintKey"]

   $session = New-Object WinSCP.Session

   try
   {
      # Connect
      $session.Open($sessionOptions)
           $transferOptions = New-Object WinSCP.TransferOptions
           $transferOptions.TransferMode = [WinSCP.TransferMode]::Binary
           $yesterday = (Get-Date).AddDays($yesterdayValue).ToString('yyyyMMdd')

           # List of remote folders to check
           $remoteFolders = $global:appSettings["RemotePaths"]
           foreach ($remoteFolder in $remoteFolders.Split(","))
           {
              $remotePath = "/" + $remoteFolder.Trim() + "/*" + $yesterday + "*"
              $localFolder = $localPath + $remoteFolder + "\"
              $TransferResults = $session.GetFiles($remotePath, $localFolder, $false, $transferOptions)
              try 
              {
                $TransferResults.Check()
              }   
              catch [Exception]
              {        
                    $emailBody += "Error Downloading " + $remotePath + ":" + $_.Exception.Message
              }
        }
        $session.Dispose()
[/code]

Reply with quote

Silku
Guest

Authitication failed

Jon Thanks...but after this when I changed this similar like this.
It says authentication failed :-((( any idea....?

Your help is much much appreciated....eagerly waiting...

Reply with quote

Silku
Guest

Should I use IP address instead of site address

Don't know if this allows to authenticate, I copied it from server/protocol info only.

Reply with quote

Advertisement

bgolfer66
Joined:
Posts:
6
Location:
United States

Re: Should I use IP address instead of site address

Silku wrote:

Don't know if this allows to authenticate, I copied it from server/protocol info only.

I would need to see your code.

Reply with quote

Silku
Guest

Re: Should I use IP address instead of site address

Thanks John.

Here it is : I have given write host trap from where it is causing....
Now it is saying "The requested operation requires elevation"...:-((
------------------------------


#----------------------------------------------------------
try
{
# Load WinSCP .NET assembly

write-host "Begin..............." -foregroundcolor yellow;


[Reflection.Assembly]::LoadFrom("C:\Program Files (x86)\WinSCP\WinSCPnet.dll")
write-host "After assembly...." -foregroundcolor yellow;
# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions
write-host "After Open WinSCP.SessionOptions...." -foregroundcolor yellow;

$sessionOptions.Protocol = [WinSCP.Protocol]::ftp
write-host "After Open WinSCP.prtocol...." -foregroundcolor yellow;
$sessionOptions.FtpMode = [WinSCP.FtpMode]::passive
write-host "After Open WinSCP.ftpmode...." -foregroundcolor yellow;
$sessionOptions.FtpSecure = [WinSCP.FtpSecure]::explicittls

$sessionOptions.PortNumber = "22"


$sessionOptions.HostName = "ftp.zzzz.com"
$sessionOptions.UserName = "zzzz"
$sessionOptions.Password = "*****"
write-host "After password...." -foregroundcolor yellow;
$sessionOptions.SslHostCertificateFingerprint = "xx:e3:74:c5:a7:e3:0f:5b:d3:77:6e:bd:58:19:a6:2c:33:e8:fa:ec"

write-host "After Open SslHostCertificateFingerprint ...." -foregroundcolor yellow;
$session = New-Object WinSCP.Session
write-host "After new session ...." -foregroundcolor yellow;
try
{
# Connect
write-host "Before Opening ...." -foregroundcolor yellow;
$session.Open($sessionOptions)

write-host "After Open Session...." -foregroundcolor yellow;

$localPath = "E:\Apps\"
$remotePath = "/SFTPPourshinsDownload"
$file = "CS_20140703_050427.csv"

# Format timestamp
$stamp = $(Get-Date -f "yyyyMMddHHmmss")

# Download the file and throw on any error
$session.GetFiles(
($remotePath + $file),
($localPath + $stamp + "." + $file)).Check()
}
finally
{
# Disconnect, clean up
$session.Dispose()
}

exit 0
}
catch [Exception]
{
Write-Host $_.Exception.Message -foregroundcolor green
#exit 1
}



$host.enternestedprompt()

write-host "To see the output........." -foregroundcolor yellow;
pause

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,658
Location:
Prague, Czechia

Re: Should I use IP address instead of site address

Silku wrote:

Now it is saying "The requested operation requires elevation"...:-((
What line of cause is causing this error? It's definitely not a message from WinSCP.
_________________
Martin Prikryl

Reply with quote

Silku
Guest

Re: Should I use IP address instead of site address

martin wrote:

Silku wrote:

Now it is saying "The requested operation requires elevation"...:-((
What line of cause is causing this error? It's definitely not a message from WinSCP.


After this line
$session.Open($sessionOptions)
....
Authentication failed but I can connect through GUI base...

Reply with quote

Advertisement

bgolfer66
Joined:
Posts:
6
Location:
United States

Re: Should I use IP address instead of site address

Nothing looks out of the ordinary to me. I am able to substitute my connection credentials into your code and connect to my server.
whatever is happening is outside my area of expertise. Hopefully a site admin can help you.

Silku wrote:

Thanks John.

Here it is : I have given write host trap from where it is causing....
Now it is saying "The requested operation requires elevation"...:-((
------------------------------


#----------------------------------------------------------
try
{
# Load WinSCP .NET assembly

write-host "Begin..............." -foregroundcolor yellow;


[Reflection.Assembly]::LoadFrom("C:\Program Files (x86)\WinSCP\WinSCPnet.dll")
write-host "After assembly...." -foregroundcolor yellow;
# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions
write-host "After Open WinSCP.SessionOptions...." -foregroundcolor yellow;

$sessionOptions.Protocol = [WinSCP.Protocol]::ftp
write-host "After Open WinSCP.prtocol...." -foregroundcolor yellow;
$sessionOptions.FtpMode = [WinSCP.FtpMode]::passive
write-host "After Open WinSCP.ftpmode...." -foregroundcolor yellow;
$sessionOptions.FtpSecure = [WinSCP.FtpSecure]::explicittls

$sessionOptions.PortNumber = "22"


$sessionOptions.HostName = "ftp.zzzz.com"
$sessionOptions.UserName = "zzzz"
$sessionOptions.Password = "*****"
write-host "After password...." -foregroundcolor yellow;
$sessionOptions.SslHostCertificateFingerprint = "xx:e3:74:c5:a7:e3:0f:5b:d3:77:6e:bd:58:19:a6:2c:33:e8:fa:ec"

write-host "After Open SslHostCertificateFingerprint ...." -foregroundcolor yellow;
$session = New-Object WinSCP.Session
write-host "After new session ...." -foregroundcolor yellow;
try
{
# Connect
write-host "Before Opening ...." -foregroundcolor yellow;
$session.Open($sessionOptions)

write-host "After Open Session...." -foregroundcolor yellow;

$localPath = "E:\Apps\"
$remotePath = "/SFTPPourshinsDownload"
$file = "CS_20140703_050427.csv"

# Format timestamp
$stamp = $(Get-Date -f "yyyyMMddHHmmss")

# Download the file and throw on any error
$session.GetFiles(
($remotePath + $file),
($localPath + $stamp + "." + $file)).Check()
}
finally
{
# Disconnect, clean up
$session.Dispose()
}

exit 0
}
catch [Exception]
{
Write-Host $_.Exception.Message -foregroundcolor green
#exit 1
}



$host.enternestedprompt()

write-host "To see the output........." -foregroundcolor yellow;
pause

Reply with quote

Guest

Re: Should I use IP address instead of site address

Thanks John. Waiting to hear from him.


bgolfer66 wrote:

Nothing looks out of the ordinary to me. I am able to substitute my connection credentials into your code and connect to my server.
whatever is happening is outside my area of expertise. Hopefully a site admin can help you.

Silku wrote:

Thanks John.

Here it is : I have given write host trap from where it is causing....
Now it is saying "The requested operation requires elevation"...:-((
------------------------------


#----------------------------------------------------------
try
{
# Load WinSCP .NET assembly

write-host "Begin..............." -foregroundcolor yellow;


[Reflection.Assembly]::LoadFrom("C:\Program Files (x86)\WinSCP\WinSCPnet.dll")
write-host "After assembly...." -foregroundcolor yellow;
# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions
write-host "After Open WinSCP.SessionOptions...." -foregroundcolor yellow;

$sessionOptions.Protocol = [WinSCP.Protocol]::ftp
write-host "After Open WinSCP.prtocol...." -foregroundcolor yellow;
$sessionOptions.FtpMode = [WinSCP.FtpMode]::passive
write-host "After Open WinSCP.ftpmode...." -foregroundcolor yellow;
$sessionOptions.FtpSecure = [WinSCP.FtpSecure]::explicittls

$sessionOptions.PortNumber = "22"


$sessionOptions.HostName = "ftp.zzzz.com"
$sessionOptions.UserName = "zzzz"
$sessionOptions.Password = "*****"
write-host "After password...." -foregroundcolor yellow;
$sessionOptions.SslHostCertificateFingerprint = "xx:e3:74:c5:a7:e3:0f:5b:d3:77:6e:bd:58:19:a6:2c:33:e8:fa:ec"

write-host "After Open SslHostCertificateFingerprint ...." -foregroundcolor yellow;
$session = New-Object WinSCP.Session
write-host "After new session ...." -foregroundcolor yellow;
try
{
# Connect
write-host "Before Opening ...." -foregroundcolor yellow;
$session.Open($sessionOptions)

write-host "After Open Session...." -foregroundcolor yellow;

$localPath = "E:\Apps\"
$remotePath = "/SFTPPourshinsDownload"
$file = "CS_20140703_050427.csv"

# Format timestamp
$stamp = $(Get-Date -f "yyyyMMddHHmmss")

# Download the file and throw on any error
$session.GetFiles(
($remotePath + $file),
($localPath + $stamp + "." + $file)).Check()
}
finally
{
# Disconnect, clean up
$session.Dispose()
}

exit 0
}
catch [Exception]
{
Write-Host $_.Exception.Message -foregroundcolor green
#exit 1
}



$host.enternestedprompt()

write-host "To see the output........." -foregroundcolor yellow;
pause

Reply with quote

bgolfer66
Joined:
Posts:
6
Location:
United States

Re: Should I use IP address instead of site address

You may want to check that you should be using FTP Secure and not SFTP
and if it is FTPS, is TLS the proper security?

Anonymous wrote:

Thanks John. Waiting to hear from him.


bgolfer66 wrote:

Nothing looks out of the ordinary to me. I am able to substitute my connection credentials into your code and connect to my server.
whatever is happening is outside my area of expertise. Hopefully a site admin can help you.

Silku wrote:

Thanks John.

Here it is : I have given write host trap from where it is causing....
Now it is saying "The requested operation requires elevation"...:-((
------------------------------


#----------------------------------------------------------
try
{
# Load WinSCP .NET assembly

write-host "Begin..............." -foregroundcolor yellow;


[Reflection.Assembly]::LoadFrom("C:\Program Files (x86)\WinSCP\WinSCPnet.dll")
write-host "After assembly...." -foregroundcolor yellow;
# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions
write-host "After Open WinSCP.SessionOptions...." -foregroundcolor yellow;

$sessionOptions.Protocol = [WinSCP.Protocol]::ftp
write-host "After Open WinSCP.prtocol...." -foregroundcolor yellow;
$sessionOptions.FtpMode = [WinSCP.FtpMode]::passive
write-host "After Open WinSCP.ftpmode...." -foregroundcolor yellow;
$sessionOptions.FtpSecure = [WinSCP.FtpSecure]::explicittls

$sessionOptions.PortNumber = "22"


$sessionOptions.HostName = "ftp.zzzz.com"
$sessionOptions.UserName = "zzzz"
$sessionOptions.Password = "*****"
write-host "After password...." -foregroundcolor yellow;
$sessionOptions.SslHostCertificateFingerprint = "xx:e3:74:c5:a7:e3:0f:5b:d3:77:6e:bd:58:19:a6:2c:33:e8:fa:ec"

write-host "After Open SslHostCertificateFingerprint ...." -foregroundcolor yellow;
$session = New-Object WinSCP.Session
write-host "After new session ...." -foregroundcolor yellow;
try
{
# Connect
write-host "Before Opening ...." -foregroundcolor yellow;
$session.Open($sessionOptions)

write-host "After Open Session...." -foregroundcolor yellow;

$localPath = "E:\Apps\"
$remotePath = "/SFTPPourshinsDownload"
$file = "CS_20140703_050427.csv"

# Format timestamp
$stamp = $(Get-Date -f "yyyyMMddHHmmss")

# Download the file and throw on any error
$session.GetFiles(
($remotePath + $file),
($localPath + $stamp + "." + $file)).Check()
}
finally
{
# Disconnect, clean up
$session.Dispose()
}

exit 0
}
catch [Exception]
{
Write-Host $_.Exception.Message -foregroundcolor green
#exit 1
}



$host.enternestedprompt()

write-host "To see the output........." -foregroundcolor yellow;
pause

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,658
Location:
Prague, Czechia

Re: Should I use IP address instead of site address

Anonymous wrote:

Thanks John. Waiting to hear from him.
Please start a new topic and attach a full session log file showing the problem (using the latest version of WinSCP).

To generate log file, set Session.SessionLogPath. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you can mark the attachment as private.

_________________
Martin Prikryl

Reply with quote

Advertisement

Silku
Guest

Tryingto create Session log but it is not doing anything...

Although through GUI, it is creating the session log.
What I am missing..

$session = New-Object WinSCP.Session


$session.DebugLogPath = $WinSCPDebugLogFile
$session.SessionLogPath = $WinSCPSessionLogFile
$session.XMLLogPath = $WinSCPXMLLogFile

Reply with quote

Silku
Guest

Session log created getting 331 Password required for

2014-07-11 10:47:42.098 331 Password required for
> 2014-07-11 10:47:42.098 PASS ********
< 2014-07-11 10:47:42.119 530 User cannot log in.
. 2014-07-11 10:47:42.119 Connection failed.
. 2014-07-11 10:47:42.120 Password prompt (last login attempt failed)

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,658
Location:
Prague, Czechia

Re: Session log created getting 331 Password required for

Silku wrote:

2014-07-11 10:47:42.098 331 Password required for
> 2014-07-11 10:47:42.098 PASS ********
< 2014-07-11 10:47:42.119 530 User cannot log in.
. 2014-07-11 10:47:42.119 Connection failed.
. 2014-07-11 10:47:42.120 Password prompt (last login attempt failed)
I do not know how to help you. Are you able to connect from GUI? It seems like your username/password is wrong or the account is disabled.
_________________
Martin Prikryl

Reply with quote

Silku
Guest

Re: Session log created getting 331 Password required for

Yes, Martin, with same configuration I can able to connect with GUI...

Reply with quote

Advertisement

Sriram
Guest

Session.Open(Sessionoptions) getting error

Dear All,

Actually i m using secure ftp, I am using winscp to push the file to sftp, but in session.open i am getting error. i gave ftpurl, hostname, username and password, but i never give sshostFingerprintkey, instead of this i gave sessionOptions.GiveUpSecurityAndAcceptAnySshHostKey = true; .. But not resolved. how i achive that.

Reply with quote

Guest

Re: Session.Open(Sessionoptions) getting error

Sriram wrote:

Dear All,

Actually i m using secure ftp, I am using winscp to push the file to sftp, but in session.open i am getting error. i gave ftpurl, hostname, username and password, but i never give sshostFingerprintkey, instead of this i gave sessionOptions.GiveUpSecurityAndAcceptAnySshHostKey = true; .. But not resolved. how i achive that.
Am using Asp.net with C# along with WINSCP

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,658
Location:
Prague, Czechia

Re: Session.Open(Sessionoptions) getting error

Sriram wrote:

i am getting error.
Would you mind telling us, what error is that?

Even better, start a new topic and attach a full session log file showing the problem (using the latest version of WinSCP).

To generate log file, set Session.SessionLogPath. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you can mark the attachment as private.

Reply with quote

Advertisement

You can post new topics in this forum