I suggest you start with TLS on and client certificates turned off. In edtFTPD set TLSRequired to 'on' and TLSVerifyClients to 'off'. Make sure you restart edtFTPD by pressing the 'Restart edtFTPD' button.
In SSLFTPClient turn off server validation by:
ftpClient.setValidateServer(false);
This is what example 1 (in examples\Ex1_NonvalidatingClient) does, so have a look at the listing.
Once you've got that working, you should enabled server validation. To do this, you'll need a copy of your server certificate (in edtFTPD\etc\server.cert.pem). You then need to enabled server validation and load this certificate into your SSLFTPClient by:
ftpClient.setValidateServer(false);
ftpClient.loadRootCertificates("server.cert.pem");The complete code is in example 2 (in examples\Ex2_ServerValidatingClient).
Once that is working, you may like to use client validation as well. To do this you'll need to set TLSVeryClients to 'on' in edtFTPD and give edtFTPD access to a copy of your client certificate. You'll need to copy the contents of your base-64 encoded certificate file (e.g. PEM file) into your edtFTP\edt\ca-root.crt file. You then need to load the client certificate into your SSLFTPClient by:
ftp.loadClientKeyFile(clientKeyFile, clientKeyPassword);
The complete code is in example 3 (in examples\Ex3_FullyValidatingClient).
Hope that helps
- Hans (EDT Support)
