[5.17] Client certificate is wrongfully requested when using TLS 1.3 for FTP over TLS connection

Advertisement

loglady
Joined:
Posts:
1

[5.17] Client certificate is wrongfully requested when using TLS 1.3 for FTP over TLS connection

Version: 5.17
Last known good: 5.15.9
Windows Version: Windows 10 Pro 1909/18363.657
Transfer Protocol: FTP + Explicit TLS
Scripting/GUI: GUI

After updating from 5.15.9 to 5.17, one of my FTP connections has not been able to connect. It fails with the error message:
Server asks for authentication with a client certificate.
Could not retrieve directory listing
MLSD: Operation not permitted

The server in question is a ProFTPD 1.3.5e server with TLSVerifyClient set to off. After further investigation, it seems like this behavior is only encountered when TLS 1.3 is used for the connection. After forcing max. TLS version to 1.2 in the advanced connection tab, the connection attempt succeeds and the client is able to read the remote directory.
I attached two redacted sessions logs for both the unsuccessful and successful connection attempt. I can also provide further information about server & client config if needed.
  • SSL13.log (6.52 KB, Private file)
Description: Log of unsuccessful connection via TLS 1.3
  • SSL12.log (5.82 KB, Private file)
Description: Log of successful connection via TLS 1.2

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
34,115
Location:
Prague, Czechia

Re: [5.17] Client certificate is wrongfully requested when using TLS 1.3 for FTP over TLS connection

Thanks for your report. I'm sending you an email to the address you have used to register on this forum.

Reply with quote

Advertisement

You can post new topics in this forum