Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
23.5k views
in Java FTP by (1.1k points)
Hello,

I don't understand well FTP SSL. I'm using Filezilla server, auto-signed certificat generated by Filezilla. I read documentation (How to) of edtFTPj/PRO, but it's defintily not enough for newbie in the world of SSL.

Can help me to find an example ?

Best regards

34 Answers

0 votes
by (1.1k points)
Thank you.

Unfortunatly, the first link is without certificate (if i understood well), and the second one, is the official How To that i read. And i don't understand it :(
This How To don't have a complete example of FTPS with certificate.
0 votes
by (1.1k points)
I just found a complete example in How To. Sorry I missed it.
I'm gonna try to run it. :)
0 votes
by (1.1k points)
I don't understand this line :

ftp.getRootCertificateStore().importPEMFile(serverCertFilename);


The serverCertFilename :)
I made a certificate.crt with Filezilla on server, is that what this function expect ?
Is that a server path, or a path on client ?
0 votes
by (51.1k points)
I'm not sure which format FileZilla server uses, but in principle, yes you need to import it into the root certificate store. Or you can simply disable certificate validation by doing "ftp.setValidateServer(false);".

- Hans (EnterpriseDT
0 votes
by (1.1k points)
So i need to have de CRT File on server AND on the client ?
THe path is a local path ?
0 votes
by (51.1k points)
You only need to do this if you have server validation enabled. Server validation allows the client to be certain that it is talking to the right server and not an imposter.

- Hans (EnterpriseDT)
0 votes
by (1.1k points)
So if ServerValidation is false ... client don't check if it's the good server ... ok.
But in this case, does the server check it's the good client ?

In other word : what is the difference between a normal FTP et a FTPS without server validation ?
0 votes
by (161k points)
FTPS is encrypted, so no-one can eavesdrop on the username and password (and data) being sent to the server. With FTP, the password is unencrypted and easily seen.
0 votes
by (1.1k points)
I made that and i have a login problem :

My code :

SSLFTPClient secureFtpClient = new SSLFTPClient();
secureFtpClient.setConfigFlags(SSLFTPClient.ConfigFlags.DISABLE_CONTROL_SSL_CLOSURE);
secureFtpClient.setRemoteHost("10.0.0.164");
secureFtpClient.setRemotePort(990);
secureFtpClient.getRootCertificateStore().importCertificates("C:\\certificate.crt");
secureFtpClient.connect();
secureFtpClient.auth(SSLFTPClient.AUTH_TLS);
secureFtpClient.login("admin", "admin");

(...) // FTP transfert
                           
secureFtpClient.quit();


Log of Java :

Exception : com.enterprisedt.net.ftp.ControlChannelIOException: Read timed out ;
Exception : com.enterprisedt.net.ftp.ControlChannelIOException: Control channel unexpectedly closed ('' read so far) ;


Filezilla Server screen :

(000217)01/12/2011 23:57:56 - (not logged in) (10.0.0.22)> Connected, sending welcome message...
(000217)01/12/2011 23:57:56 - (not logged in) (10.0.0.22)> 220-FileZilla Server version 0.9.40 beta
(000217)01/12/2011 23:57:56 - (not logged in) (10.0.0.22)> 220-written by Tim Kosse (Tim.Kosse@gmx.de)
(000217)01/12/2011 23:57:56 - (not logged in) (10.0.0.22)> 220 Please visit http://sourceforge.net/projects/filezilla/
(000217)01/12/2011 23:58:57 - (not logged in) (10.0.0.22)> disconnected.

Categories

...