Article delegate-en/3652 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A3651@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: FTPS using client certificate
13 Mar 2007 19:01:17 GMT =?iso-8859-1?Q?H=E5kansson_Fredrik_=28a=29?= <piihabdyi-znqnbuinoylr.ml@ml.delegate.org>


Thank you,

I converted my cert to the pem format and now the Delegate proxy loads with no errors.

I have problem to get my Delegate proxy to provide the client certificate to the destination FTPS server. 

If i load the client certificate on the Delegate proxy then the proxy disconnects my client and does not even try to connect to the destination FTPS server.

If i don't load the client certificate on the Delegate proxy i will reach the destination FTPS server but when i send along the username and password the remote FTPS server disconnects me.

Greatful for any tips!

Best regards,
Fredrik Håkansson 


_________________________________________________
Fredrik Håkansson
Product Manager DNS, SMTP and Proxy
Volvo Information Technology AB
Dept 8370, VB1N 
405 08, Göteborg Sweden

Telephone: +40-00-000000F 
E-mail: piihabdyi-znqnbuinoylr.ml@ml.delegate.org

-----Original Message-----
From: Yutaka Sato [mailto:feedback@delegate.org] 
Sent: den 13 mars 2007 19:06
To: feedback@delegate.org
Cc: Håkansson Fredrik (a); feedback@delegate.org
Subject: Re: [DeleGate-En:3656] FTPS using client certificate

Hi,

In message <_A3650@delegate-en.ML_> on 03/14/07(02:28:59)
you =?iso-8859-1?Q?H=E5kansson_Fredrik_=28a=29?= <fredrik.a.hakansson@volvo.com> wrote:
 |We try to use the Delegate SSL proxy. We need to establish communication from an FTPS client towards a FTPS server.
 |
 |I have this working towards one FTPS server (FTP over SSL) however when running towards a FTPS server that requires a client SSL certificate i can't get it to work.
 |
 |This is how i started the delegate proxy:
 |./linux-dg  PERMIT="*:*:*" -P21 SERVER=ftp STLS="fsv,fcl -cert mycert.pfx -pass xxxxxx -CAfile ca.cer " ADMIN="f@volvo..se" DYLIB='libssl.so.0.9.6b'

At least the STLS parameter to add optional parameters should start with
"sslway" as follows:

 |./linux-dg  PERMIT="*:*:*" -P21 SERVER=ftp STLS="fsv,fcl,sslway -cert mycert.pfx -pass xxxxxx -CAfile ca.cer " ...

And I'm not sure if certiricates not in the PEM formart is acceptable or not.

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V