Topic "Implicit encryption question"

Author Message
JL-EMC

Guest


Issue is with version 5.5.4

Will work on version 5.0.7

OS - Old version W2K3, new version W2K8

Protocol - FTP

GUI or script? - GUI

Error message - none

Description of problem: After upgrade to 5.5.4, whenever we use TLS/SSL Implicit encryption, we do NOT get the message that notifies us of an unknown certificate and do not have the option of copying the key like we did on version 5.0.7. Is this being accepted and stored automatically? Is this expected behavior?

Thanks in advance!
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24991
Location: Prague, Czechia
Since 5.2.5, WinSCP automatically accepts certificates signed by a trusted authority:
https://winscp.net/tracker/show_bug.cgi?id=1063

If you need to copy the key, use Full Certificate button on Server and Protocol Information dialog
https://winscp.net/eng/docs/ui_fsinfo
_________________
Martin Prikryl
lukas
[View user's profile]

Joined: 2015-09-09
Posts: 4
Hello Martin,
we are using .NET assembly in our software.
The end FTPS server uses certificate, which is signed by certification authority.
The certification authority certificate is stored in "Trusted Root Certification Authorities" at computer, which is communicating with FTP server.

If we specify certificate fingerprint of the FTP server in TlsHostCertificateFingerprint, everything works.
But if we don't, no transfer is proceeded and we get "Connection failed." error message.

We want the certificate to be authenticated against the certification authority, so at every change of end FTP certificate we wouldn't need to change the certificate fingerprint of FTP server in our program settings.


More details:

WinSCP version: 5.7.5.5665
Windows version: Windows Server 2012 Standard 64bit
Protocol: FTPS, TLS, FTPSecure.Explicit
Using: .NET assembly

Error message in log:
Connection failed.

Stack Trace:
at WinSCP.SessionLogReader.Read(LogReadFlags flags)
at WinSCP.SessionElementLogReader.Read(LogReadFlags flags)
at WinSCP.CustomLogReader.WaitForNonEmptyElementAndCreateLogReader(String localName, LogReadFlags flags)
at WinSCP.Session.Open(SessionOptions sessionOptions)
at SPCopyToFTP.CopyFtp.TransferFilesToFtp()
at SPCopyToFTP.Program.Main(String[] args)

Thanks for the reply.

Lukas
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24991
Location: Prague, Czechia
Duplicate post:
https://winscp.net/forum/viewtopic.php?t=15872
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License