FTPS over SecureSocket

Report · Nov 06, 2018

Hello,

I'm developing an app which should transfer files to the web server over FTP protocol. For this purpose, I am using Socket class and communication works without any troubles. I am able to connect to the server, login and then download from or upload files to the server.

Now I want to implement secure connection over SSL too using SecureSocket class but I'm having issues to even establish connection with the server. I use ProFTPD on Debian with TLS v1.2 and a let's encrypt certificate.

But, for some reason I cannot connect to it over SecureSocket class at all. When I try to connect, I'm always getting error below, with certificate status as "invalid":

Error #2031: Socket Error. URL: mysite.com serverCertificateStatus: invalid

package  
{  
  import flash.display.Sprite;  
  import flash.events.Event;  
  import flash.events.IOErrorEvent;  
  import flash.events.ProgressEvent;  
  import flash.events.SecurityErrorEvent;  
  import flash.net.SecureSocket;  
  
  public class FTPS extends Sprite  
  {  
    private var ftp:SecureSocket;  
  
    public function FTPS()  
    {  
      ftp = new SecureSocket();  
      ftp.addEventListener(Event.CONNECT, onConnect);  
      ftp.addEventListener(ProgressEvent.SOCKET_DATA, onData);  
      ftp.addEventListener(IOErrorEvent.IO_ERROR, onError);  
      ftp.addEventListener(SecurityErrorEvent.SECURITY_ERROR, onSecurityError);  
      ftp.connect("mysite.com", 21);  
    }  
  
    protected function onConnect(event:Event):void  
    {  
      trace("CONNECT");  
    }  
  
    protected function onData(event:ProgressEvent):void  
    {  
      trace("DATA:", ftp.readUTFBytes(ftp.bytesAvailable));  
    }  
  
    protected function onError(event:IOErrorEvent):void  
    {  
      trace("ERROR:", event.errorID, event.text, ftp.serverCertificateStatus);  
    }  
  
    protected function onSecurityError(event:SecurityErrorEvent):void  
    {  
      trace("SECURITY ERROR");  
    }  
  }  
}

What I have tried is to connect to this server on port 443 (over https protocol using Apache) with SecureSocket class and when I do this the connection has been made successfully and then as certificate status I'm getting "trusted" with the same let's encrypt certificate.

FTPS work with Filezilla and Filezilla check a valid, trusted certificate.

ProFtpd tls.log says :

SSL/TLS required but absent on control channel

Thanks

Report · Nov 12, 2018

The problem is ProFTPd need a FTP Command "AUTH TLS" when secureSocket.connect( host, port );

How to add it at the connection ?

Report · Nov 15, 2018

ProFTPD work now, I found the right configuration of ProFTPD

TLSOptions UseImplicitSSL NoSessionReuseRequired

The data channel has a strange behaviour using TLS, it's neccesary to push the ftp command before to connect.

Adobe Community

FTPS over SecureSocket

1 Correct answer