Topic "TlsHostCertificateFingerprint not working when called from Powershell script"

Author Message
Howard123
[View user's profile]

Joined: 2017-02-22
Posts: 2
Dear WinSCP support;

I'm trying to write a WinSCP/Powershell script to connect a FTP server (TLS Explicit with untrusted certificate)

I have no problem to manually connect to this FTP server using the WinSCP graphical interface.
Here is the automatically generated Powershell code from WinSCP "Generate session URL/code" tool :

Code:
# Load WinSCP .NET assembly
Add-Type -Path "WinSCPnet.dll"

# Set up session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
    Protocol = [WinSCP.Protocol]::Ftp
    HostName = "xxx.xxx.xxx.xxx"
    PortNumber = 21
    UserName = "xxxxxx"
    Password = "xxxxxx"
    FtpSecure = [WinSCP.FtpSecure]::Explicit
}

$session = New-Object WinSCP.Session

try
{
    # Connect
    $session.Open($sessionOptions)

    # Your code
}
finally
{
    $session.Dispose()
}


Since, this automatically generated code doesn't include the TLS Host Certificate, I get the following error message when I try to call it from a PS1 script :


Quote:
Error: Connection failed.
Server asks for authentication with a client certificate.
Peer certificate rejected
Disconnected from server
Connection failed.



So I tried to include the certificate fingerprint into the script, by setting the
Code:
TlsHostCertificateFingerprint
parameter :



Code:
# Load WinSCP .NET assembly
Add-Type -Path "WinSCPnet.dll"

# Set up session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
    Protocol = [WinSCP.Protocol]::Ftp
    HostName = "xxx.xxx.xxx.xxx"
    PortNumber = 21
    UserName = "xxxxxx"
    Password = "xxxxxx"
    FtpSecure = [WinSCP.FtpSecure]::Explicit
    TlsHostCertificateFingerprint = "x:x:x:xx:x:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"
}

$session = New-Object WinSCP.Session

try
{
    # Connect
    $session.Open($sessionOptions)

    # Your code
}
finally
{
    $session.Dispose()
}



I'm 100% confident that my certificate fingerprint is correct since it is the one indicated in "Server and protocol information" when I'm connected via WinSCP graphical mode.

Unfortunately this doens't work, when I run the script it gives the error message :

Code:
Error: Authentication failed



As anyone experience the same problem?

Thanks in advance for your help

howard
Howard123
[View user's profile]

Joined: 2017-02-22
Posts: 2
Nevermind I found what the problem was...There was a special character in the password...
I managed to fix this by adding single quote in front of the special character Smile
Advertisements

You can post new topics in this forum

Search

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License