Upload site changes fingerprint (certificate) every 6 months - how to automate this?

Advertisement

atcwestchester
Joined:
Posts:
2

Upload site changes fingerprint (certificate) every 6 months - how to automate this?

I have a site that changes its fingerprint (certificate) every 6 months. I have a script that uploads a file to it on a daily basis. I am only alerted to the cert change when the company contacts me and says they have not received a recent uploaded file. How can I code in the script to update the fingerprint if a new one is available? The GUI asks me and I respond yes to save the new cert. Then I have to go to the session details and copy and paste the new fingerprint into the script. Hardly seems like the best way to handle this. Thanks in advance to all who respond.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
36,052
Location:
Prague, Czechia

Re: Upload site changes fingerprint (certificate) every 6 months - how to automate this?

Please understand that verifying the certificate is integral part of securing the connection. While you can make WinSCP script automatically accept any certificate using -certificate=*, the connection won't be secure anymore:
https://winscp.net/eng/docs/scriptcommand_open#certificate

The ideal way is for the FTP server to use certificate signed by a trusted authority. That way, you won't have to verify it explicitly in your script.

Reply with quote

atcwestchester

Upload site changes fingerprint (certificate) every 6 months - how to automate this?

Thanks for the reply. I understand what you are saying about security. I will have to ask if the FTP site holder has a trusted authority cert. If they do not, then I guess I am back to my manual way of updating my script every 6 months.

Reply with quote

Advertisement

You can post new topics in this forum