Databases
StackOverflow2013
Postsdbo
POCertificate validation/installation for FTPS (SSL)?
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POCertificate validation/installation for FTPS (SSL)?
    text
    copied!<p>I am using FileZilla as the server and a DNS service, so that I wouldn't have to use my local machine IP (but I've tried the following methods on both).</p> <p>After trying System.Net.FtpWebRequest to work, I've read around (including a few posts on SO) and found out that the SSL support is not very adequate with that library. It was working with regular FTP, but when I tried forcing SSL, I was getting a certificate validation error saying: <code>The remote certificate is invalid according to the validation procedure.</code> </p> <p>So, I've done some searching around and found <strong>Alex FTPS Client</strong> library. Here's the code I wrote up:</p> <pre><code>class FTPSWorker { public static void UploadFile(string sourceFile, string targetFile, string ftpIP, string ftpUser, string ftpPass) { try { using (FTPSClient client = new FTPSClient()) { client.Connect(ftpIP, new NetworkCredential(ftpUser, ftpPass), ESSLSupportMode.CredentialsRequired | ESSLSupportMode.DataChannelRequested); client.SetTransferMode(ETransferMode.Binary); client.PutFile(sourceFile, targetFile); } } catch (Exception ex) { MessageBox.Show(ex.Message); } } </code></pre> <p>Unfortunately, I was getting the same exact certificate error. I can, however, access the FTP server perfectly fine using FileZilla client. So, I figured there would have to be a certificate issue.</p> <p>I should note that my server was showing the following log entries:</p> <pre><code>Welcome Message AUTH TLS 234 Using authentication type TLS SSL connection established disconnected </code></pre> <p>While the client (C# WPF application) was getting this error:</p> <pre><code>The remote certificate is invalid according to the validation procedure. </code></pre> <p>This is absolutely exact same error if I use the .NET library and MSDN code.</p> <p>I've done more research and found solutions similar to these:</p> <p><a href="https://stackoverflow.com/questions/9983265/the-remote-certificate-is-invalid-according-to-the-validation-procedure">The remote certificate is invalid according to the validation procedure</a></p> <p><a href="https://stackoverflow.com/questions/777607/the-remote-certificate-is-invalid-according-to-the-validation-procedure-using">&quot;The remote certificate is invalid according to the validation procedure.&quot; using Gmail SMTP server</a></p> <p>But they just seem like risky hacks... And while they do work, is there a way to have certification information to appear and maybe have user validate it/install it besides the basic Yes/No that it's currently using?</p> <p>My code right now (I ditched Alex's library and went back to default .NET):</p> <pre><code>ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(FTPWorker.ValidateServerCertificate); public class FTPWorker { public static void UploadFile(string sourceFile, string targetFile, string ftpIP, string ftpUser, string ftpPass) { try { string filename = "ftp://" + ftpIP + "/test/" + targetFile; FtpWebRequest ftpReq = (FtpWebRequest)WebRequest.Create(filename); ftpReq.Method = WebRequestMethods.Ftp.UploadFile; ftpReq.Credentials = new NetworkCredential(ftpUser, ftpPass); ftpReq.UsePassive = true; ftpReq.EnableSsl = true; ftpReq.UseBinary = true; ftpReq.KeepAlive = false; byte[] b = File.ReadAllBytes(sourceFile); ftpReq.ContentLength = b.Length; using (Stream s = ftpReq.GetRequestStream()) { s.Write(b, 0, b.Length); } FtpWebResponse ftpResp = (FtpWebResponse)ftpReq.GetResponse(); if (ftpResp != null) { MessageBox.Show(ftpResp.StatusDescription); } } catch (Exception e) { MessageBox.Show(e.Message); } } public static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { if (sslPolicyErrors == SslPolicyErrors.None) return true; else { if (System.Windows.Forms.MessageBox.Show("The server certificate is not valid.\nAccept?", "Certificate Validation", System.Windows.Forms.MessageBoxButtons.YesNo, System.Windows.Forms.MessageBoxIcon.Question) == System.Windows.Forms.DialogResult.Yes) return true; else return false; } } } </code></pre>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload