When connecting to an FTPS server (why does anyone use this protocol? ugh) the connection always fails when validating the certificate. The certificate is signed by a CA whose root certificate is in the Java keystore. HTTPS connections to a server using certificates signed by the same CA from the same JRE work fine, but the FTPS connection does not.
Is it necessary to tell the SSLFTPClient to use the default Java keystore? It seems like it should know to use this keystore to attempt to validate certificates. What am I missing?