TlsHostCertificateFingerprint not working when called from Powershell script

Advertisement

Howard123
Joined:
Posts:
2

TlsHostCertificateFingerprint not working when called from Powershell script

Dear WinSCP support;

I'm trying to write a WinSCP/Powershell script to connect a FTP server (TLS Explicit with untrusted certificate)

I have no problem to manually connect to this FTP server using the WinSCP graphical interface.
Here is the automatically generated Powershell code from WinSCP "Generate session URL/code" tool :

# Load WinSCP .NET assembly
Add-Type -Path "WinSCPnet.dll"

# Set up session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
    Protocol = [WinSCP.Protocol]::Ftp
    HostName = "xxx.xxx.xxx.xxx"
    PortNumber = 21
    UserName = "xxxxxx"
    Password = "xxxxxx"
    FtpSecure = [WinSCP.FtpSecure]::Explicit
}

$session = New-Object WinSCP.Session

try
{
    # Connect
    $session.Open($sessionOptions)

    # Your code
}
finally
{
    $session.Dispose()
}    

Since, this automatically generated code doesn't include the TLS Host Certificate, I get the following error message when I try to call it from a PS1 script :


Error: Connection failed.
Server asks for authentication with a client certificate.
Peer certificate rejected
Disconnected from server
Connection failed.


So I tried to include the certificate fingerprint into the script, by setting the
TlsHostCertificateFingerprint    
parameter :



# Load WinSCP .NET assembly
Add-Type -Path "WinSCPnet.dll"

# Set up session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
    Protocol = [WinSCP.Protocol]::Ftp
    HostName = "xxx.xxx.xxx.xxx"
    PortNumber = 21
    UserName = "xxxxxx"
    Password = "xxxxxx"
    FtpSecure = [WinSCP.FtpSecure]::Explicit
    TlsHostCertificateFingerprint = "x:x:x:xx:x:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"
}

$session = New-Object WinSCP.Session

try
{
    # Connect
    $session.Open($sessionOptions)

    # Your code
}
finally
{
    $session.Dispose()
}    


I'm 100% confident that my certificate fingerprint is correct since it is the one indicated in "Server and protocol information" when I'm connected via WinSCP graphical mode.

Unfortunately this doens't work, when I run the script it gives the error message :

Error: Authentication failed    


As anyone experience the same problem?

Thanks in advance for your help

howard

Reply with quote

Howard123
Joined:
Posts:
2

Nevermind I found what the problem was...There was a special character in the password...
I managed to fix this by adding single quote in front of the special character :)

Reply with quote

Advertisement

You can post new topics in this forum