Cannot initiate SSL/TLS Explicit connection from a Windows 2022 Server host.

Advertisement

nIghtorius
Joined:
Posts:
1
Location:
Netherlands

Cannot initiate SSL/TLS Explicit connection from a Windows 2022 Server host.

Really weird problem here.

On a Windows Server 2022 WinSCP cannot establish a Explicit TLS/SSL connection to a specific FTP server. It just immediately gives up. You probably will be thinking the settings are wrong or something is up with the FTP server.

but.. If I copy the WinSCP executable with the settings file to a Windows 11 workstation. Thus running the SAME WinSCP version with the SAME settings. It connects.

So. It will not connect on Windows 2022, but it does on Windows 11. Why?

Logs are as follows (the interesting part) (On Server 2022)
< 2023-09-22 09:11:17.959 220-Welcome to Compano's encrypted FTPS service!
< 2023-09-22 09:11:17.959 220 (FileZilla Server 0.9.60 beta)
> 2023-09-22 09:11:17.959 AUTH TLS
. 2023-09-22 09:11:17.959 Read 35 bytes
< 2023-09-22 09:11:17.959 234 Using authentication type TLS
. 2023-09-22 09:11:17.959 No data to read
. 2023-09-22 09:11:17.959 TLS connect: SSLv3/TLS write client hello
. 2023-09-22 09:11:17.959 TLS layer changed state from connected to aborted
. 2023-09-22 09:11:17.959 Disconnected from server
. 2023-09-22 09:11:17.959 Connection closed
. 2023-09-22 09:11:17.959 Connection failed.
. 2023-09-22 09:11:17.959 Got reply 1004 to the command 1
* 2023-09-22 09:11:17.995 (EFatal) Connection failed.
* 2023-09-22 09:11:17.995 Disconnected from server
* 2023-09-22 09:11:17.995 Connection failed.
. 2023-09-22 09:11:20.992 Connection closed
On Windows 11
< 2023-09-22 09:14:59.591 220-Welcome to Compano's encrypted FTPS service!
< 2023-09-22 09:14:59.591 220 (FileZilla Server 0.9.60 beta)
> 2023-09-22 09:14:59.591 AUTH TLS
. 2023-09-22 09:14:59.591 Read 35 bytes
< 2023-09-22 09:14:59.591 234 Using authentication type TLS
. 2023-09-22 09:14:59.591 No data to read
. 2023-09-22 09:14:59.622 TLS connect: SSLv3/TLS write client hello
. 2023-09-22 09:14:59.622 TLS connect: SSLv3/TLS read server hello
. 2023-09-22 09:14:59.622 TLS connect: SSLv3/TLS read server certificate
. 2023-09-22 09:14:59.624 TLS connect: SSLv3/TLS read server key exchange
. 2023-09-22 09:14:59.624 TLS connect: SSLv3/TLS read server done
. 2023-09-22 09:14:59.631 TLS connect: SSLv3/TLS write client key exchange
. 2023-09-22 09:14:59.631 TLS connect: SSLv3/TLS write change cipher spec
. 2023-09-22 09:14:59.631 TLS connect: SSLv3/TLS write finished
. 2023-09-22 09:14:59.645 TLS connect: SSLv3/TLS write finished
. 2023-09-22 09:14:59.645 TLS connect: SSLv3/TLS read server session ticket
. 2023-09-22 09:14:59.645 TLS connect: SSLv3/TLS read change cipher spec
. 2023-09-22 09:14:59.645 TLS connect: SSLv3/TLS read finished
. 2023-09-22 09:14:59.645 Verifying certificate for "" with fingerprint f8:3c:6e:a5:fb:4d:a3:a2:da:54:3a:ca:e7:6e:f6:8b:23:a5:bd:d8:f6:d6:6b:02:74:ac:b9:38:5e:b1:b7:b1 and 20 failures
... etcetera.. getting folder names and stuff. Totally working.
Does someone know what causes this? Does WinSCP use SChannel? Maybe something registry setting that needs to be set? TLS 1.2 and 1.3 is enabled on that server (client-side)

I think I might be missing something stupidly simple. But I can't for life figure out what that might be.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
40,837
Location:
Prague, Czechia

Re: Cannot initiate SSL/TLS Explicit connection from a Windows 2022 Server host.

Did you test it with any other FTPS client?
WinSCP does not use SChannel for FTPS.

Reply with quote

Advertisement

You can post new topics in this forum