Connecting to FTPS (FTP over SSL) with FluentFTP
Solution 1
As you seem to be connecting to the default port 21 (no explicit port specified anywhere), you need to use the "Explicit" mode:
conn.EncryptionMode = FtpEncryptionMode.Explicit;
If the server uses a self-signed certificate, you may need to verify it programmatically. Do not blindly accept any certificate, as the answer by @Ivan does. That's a security flaw. Validate the specific certificate, e.g. by checking its fingerprint.
See FtpWebRequest "The remote certificate is invalid according to the validation procedure".
Solution 2
//try this ,
var cl = new FtpClient(Server, Port, User, Password);
cl.EncryptionMode = FtpEncryptionMode.Implicit;
cl.DataConnectionType = FtpDataConnectionType.AutoPassive;
cl.DataConnectionEncryption = true;
cl.SslProtocols = protocol;
cl.ValidateCertificate += new FtpSslValidation(OnValidateCertificate);
var cer = new X509Certificate2(certificate);
cl.ClientCertificates.Add(cer);
System.Net.ServicePointManager.ServerCertificateValidationCallback = ServerCertificateValidationCallback;
client.Connect();
void OnValidateCertificate(FtpClient control, FtpSslValidationEventArgs e)
{
// add logic to test if certificate is valid here
e.Accept = true;
}
private bool ServerCertificateValidationCallback(object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
return true;
}
Related videos on Youtube
Jothi Prakash Anandan
Updated on September 15, 2022Comments
-
Jothi Prakash Anandan over 1 year
I am using IIS in my local machine for testing FTP with SSL connection. I am using the FluentFTP library for connecting to the FTP. I am using the following code to connect to the Server.
FtpClient conn = new FtpClient(); conn.Host = firewallSslDetails.Address; conn.Credentials = new NetworkCredential(firewallSslDetails.UserName, firewallSslDetails.Password); conn.SslProtocols = System.Security.Authentication.SslProtocols.Default; X509Certificate2 cert = new X509Certificate2(@"C:\Users\BizTalk360\Desktop\FtpSites\ServerCert.cer"); conn.EncryptionMode = FtpEncryptionMode.Implicit; conn.DataConnectionType = FtpDataConnectionType.AutoActive; conn.DataConnectionEncryption = true; conn.EnableThreadSafeDataConnections = false; conn.ClientCertificates.Add(cert); conn.ValidateCertificate += new FtpSslValidation(OnValidateCertificate); conn.Connect();
The server is returning me with the following error.
FluentFTP.FtpCommandException: Policy requires SSL.; Win32 error: Access is denied.; Error details: SSL policy requires SSL for control channel.;
For connecting over FTP the above code is working fine and for FTP with SSL it is not working.
-
Martin Prikryl about 3 yearsDo not blindly accept any certificate. That's a security flaw. Validate the specific certificate, e.g. by checking its fingerprint. See FtpWebRequest "The remote certificate is invalid according to the validation procedure".