Reputation: 369
Connecting to FTPS (FTP over SSL) with FluentFTP
I am using IIS in my local machine for testing FTP with SSL connection. I am using the FluentFTP library for connecting to the FTP. I am using the following code to connect to the Server.
FtpClient conn = new FtpClient();
conn.Host = firewallSslDetails.Address;
conn.Credentials = new NetworkCredential(firewallSslDetails.UserName, firewallSslDetails.Password);
conn.SslProtocols = System.Security.Authentication.SslProtocols.Default;
X509Certificate2 cert = new X509Certificate2(@"C:\Users\BizTalk360\Desktop\FtpSites\ServerCert.cer");
conn.EncryptionMode = FtpEncryptionMode.Implicit;
conn.DataConnectionType = FtpDataConnectionType.AutoActive;
conn.DataConnectionEncryption = true;
conn.EnableThreadSafeDataConnections = false;
conn.ClientCertificates.Add(cert);
conn.ValidateCertificate += new FtpSslValidation(OnValidateCertificate);
conn.Connect();
The server is returning me with the following error.
FluentFTP.FtpCommandException: Policy requires SSL.; Win32 error: Access is denied.; Error details: SSL policy requires SSL for control channel.;
For connecting over FTP the above code is working fine and for FTP with SSL it is not working.
Upvotes: 11
Views: 32522
Answers (2)
Reputation: 202692
As you seem to be connecting to the default port 21 (no explicit port specified anywhere), you need to use the "Explicit" mode:
conn.Config.EncryptionMode = FtpEncryptionMode.Explicit;
If the server uses a self-signed certificate, you may need to verify it programmatically. Do not blindly accept any certificate, as the answer by @Ivan does. That's a security flaw. Validate the specific certificate, e.g. by checking its fingerprint.
See FtpWebRequest "The remote certificate is invalid according to the validation procedure".
Upvotes: 18
Reputation: 39
//try this ,
var cl = new FtpClient(Server, Port, User, Password);
cl.EncryptionMode = FtpEncryptionMode.Implicit;
cl.DataConnectionType = FtpDataConnectionType.AutoPassive;
cl.DataConnectionEncryption = true;
cl.SslProtocols = protocol;
cl.ValidateCertificate += new FtpSslValidation(OnValidateCertificate);
var cer = new X509Certificate2(certificate);
cl.ClientCertificates.Add(cer);
System.Net.ServicePointManager.ServerCertificateValidationCallback = ServerCertificateValidationCallback;
client.Connect();
void OnValidateCertificate(FtpClient control, FtpSslValidationEventArgs e)
{
// add logic to test if certificate is valid here
e.Accept = true;
}
private bool ServerCertificateValidationCallback(object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
return true;
}
Upvotes: 1
Related Questions
- Can connect to FTP using FileZilla or WinSCP, but not with FtpWebRequest or FluentFTP
- FluentFTP: The remote certificate is invalid according to the validation procedure
- FluentFTP and TLS connection to IIS fails with error 534
- FTP Connection issue- using FluentFTP for port 990 -TLS
- Connect to ftps:// URL
- "Authentication failed because the remote party has closed the transport stream" when transferring to/from FTP server over TLS/SSL using FluentFTP
- FTPS (FTP over SSL) in C#
- FTP over SSL issue
- Raw FTP SSL with C#
- how to use FTP SSL c#