Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
in General by (140 points)
When connecting to an FTPS server (why does anyone use this protocol? ugh) the connection always fails when validating the certificate. The certificate is signed by a CA whose root certificate is in the Java keystore. HTTPS connections to a server using certificates signed by the same CA from the same JRE work fine, but the FTPS connection does not.

Is it necessary to tell the SSLFTPClient to use the default Java keystore? It seems like it should know to use this keystore to attempt to validate certificates. What am I missing?

1 Answer

0 votes
by (158k points)

Yes, you'll need to tell the client to use the default Java keystore. 

Use SSLFTPClient.getRootCertificateStore() to get the SSLFTPCertificateStore. This class has various methods to load keystores, including the Java keystore.