The topic How to use FTPS (introduction) and subsequent FTPS topics describe the FTPS features of SSLFTPClient. This topic demonstrates how SecureFileTransferClient can be used for FTPS.
At the most basic level of FTPS, assuming that the remote host, user and password are set, all that is required is to set the protocol to FTPS_EXPLICIT, which is done via the setProcotol method, as below:
ftp.setProtocol(Protocol.FTPS_EXPLICIT);
ftp.connect();The code above, by default, does not perform server validation. Server validation should always be enabled for production machines, so that the wrong server is not communicated with. To validate the server, the root certificates file must be loaded, via the loadSSLServerValidation method:
ftp.loadSSLServerValidation(rootCertPath);
ftp.connect();Numerous other SSL settings, including those for client validation, ciphers and server compatibility settings can be accessed via the AdvancedSSLSettings class, accessed by the getAdvancedSSLSettings() method.
Other configuration options are available via the AdvancedFTPSettings class, accessed by the getAdvancedFTPSettings() method, and the AdvancedGeneralSettings class, accessed by the getAdvancedSettings() method.
All of these configuration options should be set before the connect() method is called.
The following example illustrates the use of SecureFileTransferClient for explicit mode FTPS, using both client and server validation. Note that the client certificate must be registered with the server for client validation to work correctly.
// basic settings
SecureFileTransferClient client = new SecureFileTransferClient();
client.setRemoteHost(host);
client.setUserName(user);
client.setPassword(password);
client.setProtocol(Protocol.FTPS_EXPLICIT);
// server validation
client.loadSSLServerValidation(rootCert);
// client validation - set the client certificate details
client.getAdvancedSSLSettings().setClientCertificatePath(keyFileName);
client.getAdvancedSSLSettings().setClientCertificatePassphrase(keyFilePassword);
// connect
client.connect();
// do stuff
// disconnect from server
client.disconnect();