I try to connect to an FTP over TLS (FTPS) but I get the error below... I have no clue how to troubleshoot this... using
GiveUpSecurityAndAcceptAnyTlsHostCertificate
helps connecting but when enumerating the folder I get another error:
Error listing directory '/'.
TLS connect: failed in SSLv3 read finished A
Can't establish TLS connection
Could not retrieve directory listing
I also don't want to use
GiveUpSecurityAndAcceptAnyTlsHostCertificate
of course.
Can anyone help or point me in the right direction please?
. Connecting to ftps.company.com:port ...
. Connected with ftps.company.com:port, negotiating TLS connection...
< 220 Microsoft FTP Service
> AUTH TLS
< 234 AUTH command ok. Expecting TLS Negotiation.
. Verifying certificate for "company Anon" with fingerprint 15:38:22:e9:92:78:c4:ac:95:54:88:8b:11:7e:dd:5a:ff:9a:8b:45 and 19 failures
. Certificate common name "*.company.com" matches hostname
. Certificate failed to verify against Windows certificate store: Error: 800B0109, Chain index: 0, Element index: -1
. Asking user:
. **The server's certificate is not known. You have no guarantee that the server is the computer you think it is.**
.
. Server's certificate details follow:
.
. Issuer:
. - Organization: clientCompany, SSL Inspection, it@clientCompany.com
.
. Subject:
. - Organization: company Anon, *.company.com
.
. Valid: 12/01/2018 17:30:54 - 1/04/2021 9:55:08
.
. Fingerprint (SHA-1): 15:38:22:e9:92:78:c4:ac:95:54:88:8b:11:7e:dd:5a:ff:9a:8b:45
.
. Summary: Self-signed certificate in certificate chain. The error occurred at a depth of 4 in the certificate chain.
.
. If you trust this certificate, press Yes. To connect without storing certificate, press No. To abandon the connection press Cancel.
.
. Continue connecting and store the certificate? ()
. Peer certificate rejected
. Disconnected from server
. Connection failed.
I connect as follows (this is also what WinSCP UI generated:
SessionOptions = new SessionOptions
{
Protocol = Protocol.Ftp,
HostName = hostName,
PortNumber = portNumber,
UserName = username,
Password = password,
FtpSecure = FtpSecure.Explicit,
TlsHostCertificateFingerprint = ....,
};