Implicit encryption question :: Support Forum

JL-EMC Guest

Implicit encryption question

2015-02-24 15:15

Issue is with version 5.5.4

Will work on version 5.0.7

OS - Old version W2K3, new version W2K8

Protocol - FTP

GUI or script? - GUI

Error message - none

Description of problem: After upgrade to 5.5.4, whenever we use TLS/SSL Implicit encryption, we do NOT get the message that notifies us of an unknown certificate and do not have the option of copying the key like we did on version 5.0.7. Is this being accepted and stored automatically? Is this expected behavior?

Thanks in advance!

Reply with quote

martin◆ Site Admin
Joined:: 2002-12-10
Posts:: 41,440
Location:: Prague, Czechia

Re: Implicit encryption question

2015-02-26

Since 5.2.5, WinSCP automatically accepts certificates signed by a trusted authority:
https://winscp.net/tracker/1063

If you need to copy the key, use Full Certificate button on Server and Protocol Information dialog
https://winscp.net/eng/docs/ui_fsinfo

Reply with quote

lukas
Joined:: 2015-09-09
Posts:: 4

2015-09-09 13:14

Hello Martin,
we are using .NET assembly in our software.
The end FTPS server uses certificate, which is signed by certification authority.
The certification authority certificate is stored in "Trusted Root Certification Authorities" at computer, which is communicating with FTP server.

If we specify certificate fingerprint of the FTP server in TlsHostCertificateFingerprint, everything works.
But if we don't, no transfer is proceeded and we get "Connection failed." error message.

We want the certificate to be authenticated against the certification authority, so at every change of end FTP certificate we wouldn't need to change the certificate fingerprint of FTP server in our program settings.

More details:

WinSCP version: 5.7.5.5665
Windows version: Windows Server 2012 Standard 64bit
Protocol: FTPS, TLS, FTPSecure.Explicit
Using: .NET assembly

Error message in log:
Connection failed.

Stack Trace:
at WinSCP.SessionLogReader.Read(LogReadFlags flags)
at WinSCP.SessionElementLogReader.Read(LogReadFlags flags)
at WinSCP.CustomLogReader.WaitForNonEmptyElementAndCreateLogReader(String localName, LogReadFlags flags)
at WinSCP.Session.Open(SessionOptions sessionOptions)
at SPCopyToFTP.CopyFtp.TransferFilesToFtp()
at SPCopyToFTP.Program.Main(String[] args)

Thanks for the reply.

Lukas

Reply with quote

martin◆ Site Admin

2015-09-11

Duplicate post:
https://winscp.net/forum/viewtopic.php?t=15872

Reply with quote

Implicit encryption question

Implicit encryption question

Re: Implicit encryption question

Documentation

Support

Associations

Follow Us