I am having trouble logging into an FTP server using SSL. My trouble appears to be related to this messageboard post:
http://www.enterprisedt.com/forums/viewtopic.php?t=302
...but following those instructions did not solve my problem.
I have a certificate file ("express.crt"), a private key file ("express.key"), and a password from a 3rd party. I am expected to use this information, along with the normal FTP server/login/password information to access this secure FTP server.
I originally tried to do the following:
SecureFTPConnection ftp = new SecureFTPConnection();
ftp.Protocol = FileTransferProtocol.FTPSExplicit;
ftp.ServerAddress = _server;
ftp.ServerCommonName = _server;
ftp.Password = _password;
ftp.UserName = _username;
SSLFTPCertificate clientCertificate = SSLFTPCertificate.CreateFromFile("express.crt", password);
clientCertificate.AssociatePrivateKey("express.key", password);
ftp.ClientCertificate = clientCertificate;
...but I get this error:
"The specified file is not a valid PVK file." at d5.b(String A_0, String A_1, Boolean A_2)\r\n at d5.c(String A_0, String A_1)\r\n at EnterpriseDT.Net.Ftp.Ssl.SSLFTPCertificate.AssociatePrivateKey(String pvkFileName, String password)\r\n at SDN.Utilities.TaskCommonObjects.FTPFileOperations..ctor(String server, Int32 port, String username, String password, String keyLocation, String certLocation) in C:\\Services\\SDN.Utilities.TaskCommonObjects\\FTPFileOperations.cs:line 52\r\n at ANIFileDownload.DoDownload(TaskContext taskContext) in C:\\Services\\SDN.BusinessServices.AutomatedTaskService.Debugger\\SDN.BusinessServices.AutomatedTaskService.Debugger\\ANIFileDownload.cs:line 100\r\n at ANIFileDownload.Execute(TaskContext taskContext) in C:\\Services\\SDN.BusinessServices.AutomatedTaskService.Debugger\\SDN.BusinessServices.AutomatedTaskService.Debugger\\ANIFileDownload.cs:line 76" string
So, I read the instructions from the other post, and tried to make a PVK file:
1. Use OpenSSL to create a key:
openssl genrsa -des3 -out express.pem 2048
2. Then I use the pvkTool (
http://www.drh-consultancy.demon.co.uk/pvktool.zip) to create a PVK from the express.pem file created in the previous step:
3. I then attempt to run my code again, but this time use the pvk file in place of the key file:
SSLFTPCertificate clientCertificate = SSLFTPCertificate.CreateFromFile("express.crt", password);
clientCertificate.AssociatePrivateKey("express.pvk", password);
ftp.ClientCertificate = clientCertificate;
4. The code fails when executing AssociatePrivateKey(), with the error:
"Consistency error: Private key was not successfully associated with certificate"
I am doing this right? wrong? close? help? :shock:
Thanks
Dale
