1. Home

Product groups

Support

ftp user ssl - WeOnlyDo Discussion board

ftp user ssl (General questions)

by Ed Weijma, Monday, May 14, 2012, 13:16 (4373 days ago)

Hello,

I must create a new connection with an extern client, using ftps (ftp with the ssl protocol). I have a certificate and a private key created on the system and I have a vbs script created that should do the job. After some errors testing with the vbs script I have come to the part to connect to the client. I get no errors but nothing happens and after some time I get a time out on the connection:
This operation returned because the timeout period expired.
Code: 800A05B4

I am doing something wrong, I have tried the protocol setting to 4 or 3 but that is not allowed. I have tried the passive mode in 0 and no result. I also can't find any logfile. I think i am almost there....

My script looks like this:

Option Explicit

Const ForAppend = 8

Dim objFTP, lst, cert, certificate, authCertificate
Dim Logfile, fsobject


sub Log(txt)
Logfile.writeline now & & txt
end sub

Set objFTP = WScript.CreateObject( WeOnlyDo.wodFtpDLXCom.1 , wod_ )

Sub wod_Connected(ErrorCode, ErrorText)
If not ErrorCode = 0 then
wscript.quit 1
End If
End Sub

Sub wod_Done(ErrorCode, ErrorText)
If not ErrorCode = 0 then
wscript.quit 1
End If
End Sub

Set cert = WScript.CreateObject( WeOnlyDo.Certificate.1 )

Set objFTP = WScript.CreateObject( WeOnlyDo.wodFtpDLXCom.1 , wod_ )

Set objFTP.Certificate = cert

cert.Loadkey D:install st.rsa , password
cert.Load D:install st.cer , password

objFTP.Hostname = clientname
objFTP.Protocol = 2
objFTP.Port = 990
objFTP.Passive = 1
objFTP.Authentication = authCertificate
objFTP.Login = clientname
objFTP.Password = password

objFTP.Blocking = 1

objFTP.Connect

objFTP.GetFiles d:AZR-NLALG , /
objFTP.Disconnect

I can't find anything about ftp using ssl in your documentation, thats why I use the knowledge database.
Can you please help me? I hope I have send you enough information.

locked
  3376 views

Re: ftp user ssl

by wodDamir, Monday, May 14, 2012, 13:46 (4373 days ago) @ Ed Weijma

Ed,

Are you sure that you need to use Implicit SSL at all? Please try setting Protocol to 2 or 3.

Also, Protocol, Port and Passive properties don't require quote characters. They aren't String type, so quotes shouldn't be used. You should either specify them as integer, boolean, or they're respective enumeration values.

One more thing. Are you sure that you even need certificate authentication at all?

Regards,
Damba

locked
  3335 views

Re: ftp user ssl

by Ed Weijma, Monday, May 14, 2012, 14:00 (4373 days ago) @ wodDamir

Hello Damba,

Thanx for replying so fast.

I am not sure that I must use Implicit SSL. I Think that you mean port 990? I can connect to the client by using a gui and there I use port 990. Must I use another port in the script?

I have tried setting protocol 2 and 3 but I get the same result.

We use in all our scripts quoted strings and it works. So everytime we create a new script we use the same parameters.

Your last question in your reply, you refer to the authentication property? We use this property for ftp for SSH, but the use of ftp for SSL is new to us. I must use the certificate and private key. I need those two files also in het gui.

Ed,

Are you sure that you need to use Implicit SSL at all? Please try setting Protocol to 2 or 3.

Also, Protocol, Port and Passive properties don't require quote characters. They aren't String type, so quotes shouldn't be used. You should either specify them as integer, boolean, or they're respective enumeration values.

One more thing. Are you sure that you even need certificate authentication at all?

Regards,
Damba

locked
  3487 views

Re: ftp user ssl

by wodDamir, Monday, May 14, 2012, 14:08 (4373 days ago) @ Ed Weijma

Ed,

You have a gui application that works? There should be no differences between GUI app and Script code. Both should work by setting the same parameters.

Please note that you're trying to set Protocol property to 2, while setting Port to 990. Protocol 2 is regular FTPS (using Auth SSL command), while port 990 is used for Implicit SSL (which doesn't use Auth SSL). This *could* be the reason why you would receive a timeout error since component would connect (and there is server on 990 who will accept connection) but further communication wouldn't be possible.

Regards,
Damba

locked
  3336 views

Re: ftp user ssl

by Ed Weijma, Monday, May 14, 2012, 14:52 (4373 days ago) @ wodDamir

Hello Demba,

I have looked at the properties of the site in the gui and I use port 990. I have tried to use port 21 but that's not working. In the properties in the gui I also refer to the global settings of the gui.

In the properties of the site in the gui I also set the setting of the options 'Data Connection Type' and 'Transfer Type' to Use global settings .

In the global settings in the security/SSL security section I set the certificate and private key.

I have tried different options in my wodftp script:
- change the protocol settings from 2 to 3.
- remove the protocol setting from the script.
- use port 21 instead of port 990.
- test the script by removing the authentication setting.

Every test I am getting the same result: Time out in the connect setting .

Maybe I have started wrong by copying a working script with ftp to SSH to a script and now working with ftp and SSL.

I need to use the certificate and the private ket and I think I have set those two files correctly in my script. Is de use of global setting a problem?

Thanks,
Ed


Ed,

You have a gui application that works? There should be no differences between GUI app and Script code. Both should work by setting the same parameters.

Please note that you're trying to set Protocol property to 2, while setting Port to 990. Protocol 2 is regular FTPS (using Auth SSL command), while port 990 is used for Implicit SSL (which doesn't use Auth SSL). This *could* be the reason why you would receive a timeout error since component would connect (and there is server on 990 who will accept connection) but further communication wouldn't be possible.

Regards,
Damba

locked
  3313 views

Re: ftp user ssl

by wodDamir, Monday, May 14, 2012, 14:59 (4373 days ago) @ Ed Weijma

Ed,

I'm not sure what you're reffering to a gui. You're using Control (.ocx) and referring to properties on the Control?

If so, please try setting properties in code instead.

As for Protocol / Port, 990 is used for FTPSImplicit protocol, which is setting 4 in wodFtpDLX. Please try setting it accordingly.

Regards,
Damba

locked
  3329 views

Re: ftp user ssl

by Ed Weijma, Monday, May 14, 2012, 15:30 (4373 days ago) @ wodDamir

Hello Damba,

I have used protocol 4 with port 990 in the script and yes I am a step further. Now I get an error in the next scriptline:
objFTP.GetFiles d:AZR-NLALG , / . In this part I want to get 3 files from the client to my own server.

The error I get is: SSL protocol error . This was the reason I tried also protocol 2 and 3.

I have tried to get the files with the gui and this works.

Thanks Ed

locked
  3370 views

Re: ftp user ssl

by wodDamir, Monday, May 14, 2012, 15:52 (4373 days ago) @ Ed Weijma

Ed,

What are you referring to as gui ? Gui as in .ocx, or gui application you made? Or gui, as in our sample?

You need to provide us more details. Please have in mind that I don't see the issue you're experiencing. Is there any chance we can reproduce this?

The error you're receiving is usual when i.e. SSH is used instead of FTPS where FTPS should be used.

Regards,
Damba

locked
  3307 views

Re: ftp user ssl

by Ed Weijma, Monday, May 14, 2012, 16:02 (4373 days ago) @ wodDamir

Damba,

Apologize for my answers. By using GUI I mean the graphical user Inferface. In our company we are using GlobalSCAPE CuteFTP as GUI and in my answers I refer to that gui. We are not allowed to use any other gui as CuteFTP and in that gui I refer to the site properties with use SSL Inplicit (port 990). Also in that gui I use global settings for my certificate and private key.

I can understand that the error is unusual for you. I send you my script that gave the protocol error. Maybe this is helpfull for you?

Option Explicit

Const ForAppend = 8

Dim objFTP, lst, cert, certificate, authCertificate
Dim Logfile, fsobject


sub Log(txt)
Logfile.writeline now & & txt
end sub

Set objFTP = WScript.CreateObject( WeOnlyDo.wodFtpDLXCom.1 , wod_ )

Sub wod_Connected(ErrorCode, ErrorText)
If not ErrorCode = 0 then
wscript.quit 1
End If
End Sub

Sub wod_Done(ErrorCode, ErrorText)
If not ErrorCode = 0 then
wscript.quit 1
End If
End Sub

Set cert = WScript.CreateObject( WeOnlyDo.Certificate.1 )

Set objFTP = WScript.CreateObject( WeOnlyDo.wodFtpDLXCom.1 , wod_ )

Set objFTP.Certificate = cert

cert.Loadkey D:install st.rsa , password
cert.Load D:install st.cer , password

objFTP.Hostname = username
objFTP.Protocol = 4
objFTP.Port = 990
objFTP.Passive = 1
objFTP.Authentication = authCertificate
objFTP.Login = username
objFTP.Password = password

objFTP.Blocking = 1

objFTP.Connect

objFTP.GetFiles d:AZR-NLALG , /
objFTP.Disconnect

Thannks Ed

Ed,

What are you referring to as gui ? Gui as in .ocx, or gui application you made? Or gui, as in our sample?

You need to provide us more details. Please have in mind that I don't see the issue you're experiencing. Is there any chance we can reproduce this?

The error you're receiving is usual when i.e. SSH is used instead of FTPS where FTPS should be used.

Regards,
Damba

locked
  3500 views

Re: ftp user ssl

by woddrazen, Monday, May 14, 2012, 16:33 (4373 days ago) @ Ed Weijma

Ed,


What happens if you remove quote characters from Protocol, Port and Passive Properties values? They shouldn't be used there.
[code]objFTP.Protocol = 4
objFTP.Port = 990
objFTP.Passive = 1 [/code]
Drazen

locked
  3258 views

Re: ftp user ssl

by Ed Weijma, Monday, May 14, 2012, 19:26 (4373 days ago) @ woddrazen

Hello Drazen/Damba,

I removed the quotes, but I got the same error in the same scriptline:
SSL protocol error
code: 800AEA60

locked
  3324 views

Re: ftp user ssl

by woddrazen, Monday, May 14, 2012, 20:02 (4373 days ago) @ Ed Weijma

Ed,


Can you maybe send us log from some client that can connect to your server? For example FileZilla.

You can also send us DebugFile Property output from wodFtpDLX.
[code]dlx1.DebugFile = c:\debug.txt
dlx1.Connect[/code]
so we can compare them and try to determine why issue occur.

You can send those logs to techsupport@weonlydo.com


Drazen

locked
  3296 views

Re: ftp user ssl

by Ed Weijma, Friday, June 08, 2012, 09:45 (4349 days ago) @ woddrazen

Hello WeOnlyDo,

Several weeks ago we have discussed the problem about making a connection with ftp over ssl. in one of your replies you ask if it was possible that you can test the connection yourself.

The last weeks I have tried to make this possible in our company and the client. Finally yesterday I get the permission so I can deliver you everything you need so you can test it yourself.

I have a certificate and a private key with the passwords.
I have mij own vbs script I use and that includes all the parameters.

Is that enough for you? And can you tell me how I send all the files to WeOnlyDo?

Kind regards.

Ed Weijma

Ed,


Can you maybe send us log from some client that can connect to your server? For example FileZilla.

You can also send us DebugFile Property output from wodFtpDLX.
[code]dlx1.DebugFile = c:\debug.txt
dlx1.Connect[/code]
so we can compare them and try to determine why issue occur.

You can send those logs to techsupport@weonlydo.com


Drazen

locked
  3342 views

Re: ftp user ssl

by woddrazen, Friday, June 08, 2012, 09:51 (4349 days ago) @ Ed Weijma

Ed,


Thanks, you can send this info to techsupport@weonlydo.com


Drazen

locked
  3316 views

You have been great as far as offering support is concerned and has been extremely responsive to both support requests and suggestions for product enhancements.

David Keenan
Serengeti Systems Incorporated

The people at WeOnlyDo are amazing! ... I always get a super fast response from customer service, and the products are great too. Thanks WeOnlyDo

Jeff Hall
Occupational Health Research

Your support is fantastic.

Douglas Michael Panchyshyn
The Net Software Group

...your service has been phenomenal. It's always quick and you are there when I need you.

James Newman
Castleberry Investments

Congratulations on an excellent product and first rate support!

Sander Pool
Rhapsody Networks

...I'm extremely impressed with the product, it represents excellent value for money...

Danny Haworth
Assetdisk

Your professionalism is reflected into your email, your product and your web site. I am confident that these will make the difference.

Sylvain Paquette
R&D Analyst at InfoPharm Inc.

Not only wodSFTPdll is excellent, the service you have provided is outstanding and second to none!

Ian D. Mead, author of UltraEdit-32
IDM Computer Solutions

...with WOD's excellent support I was able to bypass Winsock and focus on the task at hand...

Sander Pool
Rhapsody Networks

Brilliant, even works on the mobile phone...

Conrad Leigh
Leaf Wireless