cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: ftps

From: kuriakose <kuriakose_at_huawei.com>
Date: Sat, 17 Mar 2007 15:41:33 +0530

The previous problem was due to the build of pure-ftpd
I compiled the pure-ftpd with the option
--with-tls --with-certfile=/etc/ssl/private/pure-ftpd.pem

The pure-ftpd.pem was generated using the command
openssl req -x509 -nodes -newkey rsa:1024 -keyout \
/etc/ssl/private/pure-ftpd.pem \
-out /etc/ssl/private/pure-ftpd.pem

Now I have a client exe in windows where I use libcurl to connect to the
Pure ftp server in suse linux

The options I give in the client are
        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER,TRUE);
        curl_easy_setopt(curl,CURLOPT_FTP_SSL ,CURLFTPSSL_ALL);
        curl_easy_setopt(curl,CURLOPT_FTPSSLAUTH ,CURLFTPAUTH_SSL);
        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2);
        curl_easy_setopt(curl, CURLOPT_CAINFO,ftpcertFile.c_str());
        curl_easy_setopt(curl,CURLOPT_CAPATH,".");

where the ftpcertFile is the same pure-ftpd.pem which I generated in the
server and copied to the client machine .

Now I am getting this error.
< 220---------- Welcome to Pure-FTPd [TLS] ----------
< 220-You are user number 3 of 50 allowed.
< 220-Local time is now 15:32. Server port: 21.
< 220-IPv6 connections are also welcome on this server.
< 220 You will be disconnected after 15 minutes of inactivity.
> AUTH SSL
< 500 This security scheme is not implemented
> AUTH TLS
< 234 AUTH TLS OK.
* successfully set certificate verify locations:
* CAfile: pure-ftpd.pem
CApath: .
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
faile
d
* Closing connection #0
* peer certificate cannot be authenticated with known CA certificates

Please help !

-----Original Message-----
From: Daniel Stenberg [mailto:daniel_at_haxx.se]
Sent: Saturday, March 17, 2007 3:09 PM
To: kuriakose_at_huawei.com; libcurl development
Subject: Re: ftps

On Sat, 17 Mar 2007, kuriakose wrote:

> "ftps://user:pwd_at_10.x.x.x/home/dir1/dir2/filename.ext"

> * Connected to 10.x.x.x(10.x.x.x) port 21 (#0)

An FTPS URL to port 21, really?

>> AUTH SSL
> < 500 This security scheme is not implemented
>
>> AUTH TLS
> < 500 This security scheme is not implemented

Eh, this server doesn't seem to want to play ftp-ssl at all.

> The pure-ftp is compiled with ssl support.

[...]

> Is there any other configuration for pure-ftpd .

This seems like a server-side problem so you are probably better of asking
in
a pure-ftpd related forum...

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html

Received on 2007-03-17

This message: [ Message body ]
Next message: Daniel Stenberg: "RE: ftps"
Previous message: Daniel Stenberg: "Re: Crash using WRITEDATA callback depending on CUSTOMREQUEST sent!"
In reply to: Daniel Stenberg: "Re: ftps"
Next in thread: Daniel Stenberg: "RE: ftps"
Reply: Daniel Stenberg: "RE: ftps"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]