FTPS Certificate authentication without password - WeOnlyDo Discussion board

FTPS Certificate authentication without password (wodFTPServer)

by tamilarasan, Thursday, May 07, 2009, 11:55 (5466 days ago)

Hi,

We want to use FTPS Certificate authentication.
We are using the following code.

[code]Dim ftpsDLX As WeOnlyDo.Client.FtpDLX
ftpsDLX = New WeOnlyDo.Client.FtpDLX()
ftpsDLX.Blocking = True
ftpsDLX.Hostname = ftpInfo.m_transfer_host
ftpsDLX.Login = ftpInfo.m_transfer_login
Dim cert As System.Security.Cryptography.X509Certificates.X509Certificate2
Dim daClientMaster As New ClientMasterDA
cert = New System.Security.Cryptography.X509Certificates.X509Certificate2
cert.Import(strCertPath)
ftpsDLX.Certificate = cert
ftpsDLX.Protocol = WeOnlyDo.Client.Protocols.FTPSwithdata
ftpsDLX.Authentication = WeOnlyDo.Client.Authentications.Certificate
ftpsDLX.Connect()[/code]

It throws the following error:
The specified network password is not correct.

It is expecting a password.
Is it possible to use FTPS certificate authentication without using a password?

Thanks,
Tamil.

Re: FTPS Certificate authentication without passwo

by wodDamir, Thursday, May 07, 2009, 14:14 (5466 days ago) @ tamilarasan

Hi Tamil,

Yes, that's possible, but the server has to support it too. Are you sure that Certificate authentication is enabled on the server, and your account certificate is loaded on the server side?

Regards,
Damba

Re: FTPS Certificate authentication without passwo

by tamilarasan, Thursday, May 07, 2009, 14:30 (5466 days ago) @ wodDamir

Hi Damba,

Yes, Certificate authentication is enabled on the server, and it's also loaded on the server.

While creating a certificate (self-signed certificate) using CoreFTP server, it creates two files: 00000001.p12 and 00000001.cer.
If we use the 00000001.p12 file to load as a certificate, it asks for a password and throws the error "The specified network password is not correct."
If we use the 00000001.cer file to load as a certificate, it asks for a private key. But it is null, so it throws the error "Failed to import private key."

Please help us to overcome this issue.

Thanks,
Tamil.

Re: FTPS Certificate authentication without passwo

by wodDamir, Thursday, May 07, 2009, 15:44 (5466 days ago) @ tamilarasan

Tamil,

Certificate authentication in CoreFTP is only for public/private key authentication (SFTP protocol), and not FTPS which you are using.

I would suggest that you try Titan FTP Server, which has support for client certificate authentication, where you can assign certificate for each user.

Hope this helps.

Regards,
Damba

Re: FTPS Certificate authentication without passwo

by tamilarasan, Friday, May 08, 2009, 06:29 (5466 days ago) @ wodDamir

Hi Damba,

Can we use the same code for client certificate authentication?

Or do you have any sample code for client certificate authentication (FTPS)?

Thanks,
Tamil.

Re: FTPS Certificate authentication without passwo

by tamilarasan, Saturday, May 09, 2009, 07:25 (5465 days ago) @ tamilarasan

Hi,

I have created the certificate file using Titan FTP Server (test.pem).
When I tried to import the file using the ftpDLX component, cert.Import(filename), I am getting the following error:
Cannot find the requested object.

Thanks,
Tamil.

Re: FTPS Certificate authentication without passwo

by woddrazen, Saturday, May 09, 2009, 09:37 (5464 days ago) @ tamilarasan

Tamil,


Please use wodCertificate Load Method to load certificate from file.

More help for Load Method you can find here:
http://www.weonlydo.com/CertMng/Help/WODCERTMNGLib~Certificate~Load.html


Drazen

Re: FTPS Certificate authentication without passwo

by tamilarasan, Saturday, May 09, 2009, 10:55 (5464 days ago) @ woddrazen

Hi,

Do we need to add any dll or import any classes for using
wodCertificate.
I am getting error 'Type wodCertificate is not defined'.

Thanks,
Tamil.

Re: FTPS Certificate authentication without passwo

by woddrazen, Saturday, May 09, 2009, 17:56 (5464 days ago) @ tamilarasan

Tamil,


You need to import first wodCertificate.dll in your project.

Here is code you need to use in VB.NET to load certificate using wodCertificate:
[code]Dim cert As New WODCERTMNGLib.Certificate

' Load the certificate from file, supplying the file's password
cert.Load("c:\cert.txt", "password")[/code]
I send you wodCertificate.dll to your ticket question.


Drazen

Re: FTPS Certificate authentication without passwo

by tamilarasan, Monday, May 11, 2009, 07:17 (5463 days ago) @ woddrazen

Hi,

I got the wodCertificate.dll which you have sent.
But I am not able to add the reference to our project.
And also I am not able to add it into GAC.
Could you please help me to use this dll.

Thanks,
Tamil.

Re: FTPS Certificate authentication without passwo

by wodDamir, Monday, May 11, 2009, 08:47 (5462 days ago) @ tamilarasan

Hi Tamil,

Actually, wodCertificate is ActiveX (not .Net) so it won't be in GAC. You should browse for the file and add reference.

However, let's go back to your initial code. It should work. Can you try not to separate certificate/private key, but keep it in .p12 format?

Then use Import statement to import the certificate, but use wodFtpDLX's PrivateKey to pass it certificate's PrivateKey?

Something like this:

[code]wodFtpDlx1.PrivateKey = cert.PrivateKey.ToXmlString(false);[/code]

Can you try that?

Regards,
Damba

Re: FTPS Certificate authentication without passwo

by tamilarasan, Monday, May 11, 2009, 08:55 (5462 days ago) @ wodDamir

Hi,

We have tried with the .p12 file.
But for that one we have to pass the password which we used to create the certificate.
For example:
cert.Import(filePath, password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.Exportable)

What we need is how to use the FTPS certificate authentication without passing any password.

Thanks,
Tamil.

Re: FTPS Certificate authentication without passwo

by wodDamir, Monday, May 11, 2009, 09:23 (5462 days ago) @ tamilarasan

Tamil,

Unfortunately, this isn't supported in Titan FTP Server. Titan requires certificates to be secured using password, since that password is used to encrypt/decrypt the certificate.

You would need to find a Server that does. I tried the following code with our wodFtpServer so I can confirm that works:

[code]WeOnlyDo.Client.FtpDLX ftp1 = new WeOnlyDo.Client.FtpDLX();
System.Security.Cryptography.X509Certificates.X509Certificate2 cert = new System.Security.Cryptography.X509Certificates.X509Certificate2();

// Load the certificate and its private key from the .pfx file; the file's password is empty
cert.Import(@"C:\certificate.pfx", "", System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.Exportable);

ftp1.Hostname = "127.0.0.1";
ftp1.Login = "Damir";
ftp1.Protocol = WeOnlyDo.Client.Protocols.FTPS;
// Authenticate with the client certificate; no account password is set
ftp1.Authentication = WeOnlyDo.Client.Authentications.Certificate;
ftp1.Blocking = true;
ftp1.Certificate = cert;
ftp1.PrivateKey = cert.PrivateKey.ToXmlString(false);
ftp1.Connect();[/code]

If you wish, you can download trial version of wodFtpServer, and try it out with the samples.

You can download it directly from here: http://www.weonlydo.com/Samples/wodFTPServer.exe

Hope this helps.

Regards,
Damba
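
An added example (not from the thread and not WeOnlyDo code) of the distinction the thread turns on: the password on a .p12/.pfx file protects the private key stored in that file and is separate from the FTP account password, while a .cer file carries no private key at all. It uses only .NET's own X509Certificate2 API on a throwaway self-signed certificate generated in memory; the names ClientCertCheck and Diagnose are made up for the illustration, and CertificateRequest is assumed to be available (.NET Framework 4.7.2 or later, or .NET Core).

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ClientCertCheck   // hypothetical helper, not part of any WeOnlyDo API
{
    // Reports whether a certificate blob can serve as an FTPS client certificate.
    static string Diagnose(byte[] blob, string password)
    {
        try
        {
            using (var cert = new X509Certificate2(blob, password))
            {
                return cert.HasPrivateKey
                    ? "usable: certificate and private key present"
                    : "not usable: certificate only, no private key";
            }
        }
        catch (CryptographicException ex)
        {
            // A wrong or missing PKCS#12 password ends up here. On Windows the
            // message is "The specified network password is not correct."
            return "load failed: " + ex.Message;
        }
    }

    static void Main()
    {
        // Constructed sample data: a self-signed certificate that never leaves memory.
        using (RSA rsa = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=ftps-client-example", rsa,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            using (X509Certificate2 cert = req.CreateSelfSigned(
                DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30)))
            {
                byte[] p12Protected = cert.Export(X509ContentType.Pfx, "example-password");
                byte[] p12Empty = cert.Export(X509ContentType.Pfx, "");
                byte[] cerOnly = cert.Export(X509ContentType.Cert);

                Console.WriteLine(".p12, correct password:  " + Diagnose(p12Protected, "example-password"));
                Console.WriteLine(".p12, password omitted:  " + Diagnose(p12Protected, ""));
                Console.WriteLine(".p12 with empty password: " + Diagnose(p12Empty, ""));
                Console.WriteLine(".cer:                     " + Diagnose(cerOnly, ""));
            }
        }
    }
}
```

A .p12 exported with an empty password loads without any prompt, but its private key is then protected only by the permissions on the file.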