Re: TIdFTP + SSL

Giganews Newsgroups
Subject: Re: TIdFTP + SSL
Posted by:  J. Peter Mugaas (oma002…@mail.wvnet.edu)
Date: Thu, 27 Jan 2005

On Tue, 25 Jan 2005 23:23:02 -0700, Steve Flitman wrote:

> I am having trouble with this in Indy 10, getting
>
> Exception EIdTLSClientTLSNotAvailable
> "Start SSL Negotiation Command failed"
>
> when I call FTP->Connect()
>
> My TIdFTP is set up as follows:
>
> // set host, username, password from host entry
> FTP->Host=params->find("Domain");
> FTP->Username=params->find("Username");
> FTP->Password=params->find("Password");
>
> // if security requested, set it up
> if (s=="Normal") {
>     FTP->IOHandler=NULL;
>     FTP->UseTLS=utNoTLSSupport;
>     FTP->DataPortProtection=ftpdpsClear;
> } else
> if (s=="Fallback" || s=="Secure") {          // doesn't work
>     FTP->IOHandler=Form1->SSLIOHandler;
>     FTP->UseTLS=utUseRequireTLS;
>     FTP->DataPortProtection=ftpdpsPrivate;
> }
>
> // connect
> FTP->Connect();
>
> I have Form1->SSLIOHandler, a TIOSSLHandlerSocketOpenSSL component, with
> the following non-default properties:
>
> SSLOptions.CertFile="class3.cer";    // x509 class 3 root certificate
> SSLOptions.CipherList="";        // don't know what to put here
> SSLOptions.KeyFile="";            // do I need this, I'm a client
> SSLOptions.Method=sslvSSLv23;
> SSLOptions.Mode=sslmClient;
> SSLOptions.RootCertFile="";        // different from CertFile?
> SSLOptions.VerifyDepth=2;
> SSLOptions.VerifyDirs="";        // ?
> SSLOptions.VerifyMode=[sslvrfPeer];
>
> I haven't set any event handlers for SSLIOHandler
>
> Any help greatly appreciated!
>
This sounds like a problem with SSL which I can't help you with.  You
probably should check the configuration of the FTP Server to make sure it
is sending a valid certificate.  You may want to also set a breakpoint at
the start of the "VerifyCallback" function in IdSSLOpenSSL to see what
happens.

You might be able to get help on the SSL newsgroup.

Replies

None

In response to

TIdFTP + SSL posted by Steve Flitman on Tue, 25 Jan 2005