Highlighted

FTPS over SecureSocket

Engaged ,
Nov 06, 2018

Copy link to clipboard

Copied

Hello,

I'm developing an app which should transfer files to the web server over FTP protocol. For this purpose, I am using Socket class and communication works without any troubles. I am able to connect to the server, login and then download from or upload files to the server.

Now I want to implement secure connection over SSL too using SecureSocket class but I'm having issues to even establish connection with the server. I use ProFTPD on Debian with TLS v1.2 and a let's encrypt certificate.

But, for some reason I cannot connect to it over SecureSocket class at all. When I try to connect, I'm always getting error below, with certificate status as "invalid":

Error #2031: Socket Error. URL: mysite.com serverCertificateStatus: invalid

package 

  import flash.display.Sprite; 

  import flash.events.Event; 

  import flash.events.IOErrorEvent; 

  import flash.events.ProgressEvent; 

  import flash.events.SecurityErrorEvent; 

  import flash.net.SecureSocket; 

 

  public class FTPS extends Sprite 

  { 

    private var ftp:SecureSocket; 

 

    public function FTPS() 

    { 

      ftp = new SecureSocket(); 

      ftp.addEventListener(Event.CONNECT, onConnect); 

      ftp.addEventListener(ProgressEvent.SOCKET_DATA, onData); 

      ftp.addEventListener(IOErrorEvent.IO_ERROR, onError); 

      ftp.addEventListener(SecurityErrorEvent.SECURITY_ERROR, onSecurityError); 

      ftp.connect("mysite.com", 21); 

    } 

 

    protected function onConnect(event:Event):void 

    { 

      trace("CONNECT"); 

    } 

 

    protected function onData(event:ProgressEvent):void 

    { 

      trace("DATA:", ftp.readUTFBytes(ftp.bytesAvailable)); 

    } 

 

    protected function onError(event:IOErrorEvent):void 

    { 

      trace("ERROR:", event.errorID, event.text, ftp.serverCertificateStatus); 

    } 

 

    protected function onSecurityError(event:SecurityErrorEvent):void 

    { 

      trace("SECURITY ERROR"); 

    } 

  } 

What I have tried is to connect to this server on port 443 (over https protocol using Apache) with SecureSocket class and when I do this the connection has been made successfully and then as certificate status I'm getting "trusted" with the same let's encrypt certificate.

FTPS work with Filezilla and Filezilla check a valid, trusted certificate.

ProFtpd tls.log says :

SSL/TLS required but absent on control channel

Thanks

ProFTPD work now, I found the right configuration of ProFTPD

TLSOptions UseImplicitSSL NoSessionReuseRequired

The data channel has a strange behaviour using TLS, it's neccesary to push the ftp command before to connect.

TOPICS
Performance issues

Views

289

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

FTPS over SecureSocket

Engaged ,
Nov 06, 2018

Copy link to clipboard

Copied

Hello,

I'm developing an app which should transfer files to the web server over FTP protocol. For this purpose, I am using Socket class and communication works without any troubles. I am able to connect to the server, login and then download from or upload files to the server.

Now I want to implement secure connection over SSL too using SecureSocket class but I'm having issues to even establish connection with the server. I use ProFTPD on Debian with TLS v1.2 and a let's encrypt certificate.

But, for some reason I cannot connect to it over SecureSocket class at all. When I try to connect, I'm always getting error below, with certificate status as "invalid":

Error #2031: Socket Error. URL: mysite.com serverCertificateStatus: invalid

package 

  import flash.display.Sprite; 

  import flash.events.Event; 

  import flash.events.IOErrorEvent; 

  import flash.events.ProgressEvent; 

  import flash.events.SecurityErrorEvent; 

  import flash.net.SecureSocket; 

 

  public class FTPS extends Sprite 

  { 

    private var ftp:SecureSocket; 

 

    public function FTPS() 

    { 

      ftp = new SecureSocket(); 

      ftp.addEventListener(Event.CONNECT, onConnect); 

      ftp.addEventListener(ProgressEvent.SOCKET_DATA, onData); 

      ftp.addEventListener(IOErrorEvent.IO_ERROR, onError); 

      ftp.addEventListener(SecurityErrorEvent.SECURITY_ERROR, onSecurityError); 

      ftp.connect("mysite.com", 21); 

    } 

 

    protected function onConnect(event:Event):void 

    { 

      trace("CONNECT"); 

    } 

 

    protected function onData(event:ProgressEvent):void 

    { 

      trace("DATA:", ftp.readUTFBytes(ftp.bytesAvailable)); 

    } 

 

    protected function onError(event:IOErrorEvent):void 

    { 

      trace("ERROR:", event.errorID, event.text, ftp.serverCertificateStatus); 

    } 

 

    protected function onSecurityError(event:SecurityErrorEvent):void 

    { 

      trace("SECURITY ERROR"); 

    } 

  } 

What I have tried is to connect to this server on port 443 (over https protocol using Apache) with SecureSocket class and when I do this the connection has been made successfully and then as certificate status I'm getting "trusted" with the same let's encrypt certificate.

FTPS work with Filezilla and Filezilla check a valid, trusted certificate.

ProFtpd tls.log says :

SSL/TLS required but absent on control channel

Thanks

ProFTPD work now, I found the right configuration of ProFTPD

TLSOptions UseImplicitSSL NoSessionReuseRequired

The data channel has a strange behaviour using TLS, it's neccesary to push the ftp command before to connect.

TOPICS
Performance issues

Views

290

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Nov 06, 2018 0
Engaged ,
Nov 12, 2018

Copy link to clipboard

Copied

The problem is ProFTPd need a FTP Command "AUTH TLS" when secureSocket.connect( host, port );

How to add it at the connection ?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 12, 2018 0
Engaged ,
Nov 15, 2018

Copy link to clipboard

Copied

ProFTPD work now, I found the right configuration of ProFTPD

TLSOptions UseImplicitSSL NoSessionReuseRequired

The data channel has a strange behaviour using TLS, it's neccesary to push the ftp command before to connect.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 15, 2018 0