Can't connect to WebDAV when using TLS

Advertisement

mgudites
Joined:
Posts:
2
Location:
USA

Can't connect to WebDAV when using TLS

I've been steadily using WinSCP to connect to another Windows box running IIS, and pushing a file via WebDAV. However it all fails whenever I try to use TLS.

Each time I try to connect, it tells me
Error listing directory '/'. , 403 forbidden.
Again I don't have these issues when using the exact same specs, but without TLS. I have tried including the .PFX certificate in the Advanced Settings, no difference.

The Windows Firewall on the destination server is OFF (for testing), and on the source server "outgoing" is set to allow all.

Sanitized log attached; if I over-sanitized and there's something I shouldn't have omitted, I can get that back!

Reply with quote

Advertisement

mgudites
Joined:
Posts:
2
Location:
USA

I figured it out, but it doesn't make any sense to me.

On the destination server, I had to configure WebDAV settings so the source computer's Windows logon account was listed as one of the "Allowed" users (so, the user I'm logging into the source server as, when I go to configure the WinSCP session). I don't see why it should care about that; WinSCP should be passing the user/password listed in the session configuration, not who is logged into the Windows server, correct?

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
41,517
Location:
Prague, Czechia

Yes, WinSCP sends the credentials from the login dialog.
If you want us to investigate further, please post complete logs for both scenarios.

Reply with quote

Guest

Two logs attached:

log_error: this is what happens when WebDAV on the destination server doesn't have the source server's *computer* logon name as an allowed user.

log_successful: this is what happens when WebDAV *does* have the source server's *computer* logon name as an allowed user.

FWIW, the two usernames (the computer user and the one I'm actually telling WinSCP to connect with) have COMPLETELY different names/passwords. If I don't use TLS at all, then WinSCP seems to honor whatever I've got in the user/pass fields in the connection profile.

Reply with quote

martin
Site Admin
martin avatar

There are too many differences between the logs/sessions. Different WinSCP versions. PFX file in one case, but not the other. Different server. Different server software. Can you post logs that really differ only in whether the local account in "allowed" on the server or not?

Reply with quote

Advertisement

You can post new topics in this forum