Re: Why is port 990 being used for implicit connection instead of port 21?

Giganews Newsgroups
Subject: Re: Why is port 990 being used for implicit connection instead of port 21?
Posted by:  J. Peter Mugaas (oma002…@mail.wvnet.edu)
Date: Fri, 24 Jun 2005

On Wed, 22 Jun 2005 23:24:50 -0400, Michael J. Leaver wrote:
> If I tell an FTP server to use port 21 for implicit SSL/TLS
> connections, and set the Port to 21 in TIdFTP, it fails to connect.
> Using TCPView (from SysInternals) I see that an attempt is instead
> made to connect to port 990, and not port 21. However, if I
> configure the FTP server, and TIdFTP, to use port 991 for implicit
> SSL/TLS connections, it correctly connects to port 991.

The port in TIdFTP changes from 21 to 990 if you set it to use implicit SSL/TLS.  That's by design because that is the default port for FTP using implicit SSL/TLS.  After you change the UseTLS property, you should be able to set it back to port 21 and have it do implicit SSL/TLS.    If you can't, then it probably is a bug.

I doubt that you really want to use implicit SSL/TLS on port 21 because servers supporting SSL do something different than implicit SSL/TLS.  They use Explicit SSL/TLS.  When doing that, the connection starts just any other standard port 21 session until you issue a special command and a successful reply.  Most servers support SSL that way.  The only reason you would want to use implicit SSL is to interoperate with a legacy system.  Port 990 SSL with FTP has been dropped from the drafts because IETF is running out of ports in the reserved range (1-1023).  Mosft FTP programs that support SSL give the user a choice between using explicit SSL or implicit SSL.

HTH.

Replies

In response to

Why is port 990 being used for implicit connection instead of port 21? posted by Michael J. Leaver on Thu, 23 Jun 2005