Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Secure FTP over SSL

0 views
Skip to first unread message

Marcel de Roode

unread,
Dec 23, 2003, 9:58:12 AM12/23/03
to
Hi,

When trying to make an explicit SSL connection to a Netware 5.1SP6
server, with the new NWFTPD daemon (which supports SSL) I get an SSL
error when connecting:

220 Service Ready for new User
AUTH TLS-C
234 Enabling SSL
Connected. Exchanging encryption keys...
SSL Error
The session was canceled.
Connection closed.

I have tried to connect with FileZilla and SmartFTP, both give the same
results.
Testing the same setup on a test server with a test tree yielded no
problems.
Normal FTP works fine.

What may be the problem here?


Marcel de Roode
Erasmus University Rotterdam

Joseph Moore [SysOp]

unread,
Dec 30, 2003, 3:04:26 PM12/30/03
to
Marcel de Roode:

> Testing the same setup on a test server with a test tree yielded no
> problems.
>

ok, what is the difference between the test server and the real server?
Possibly the certificates?

Joe Moore
Novell Support Connection Volunteer Sysop

http://just.fdisk-it.com - Coming soon:
"Migrating From NetWare Enterprise Web Server to Apache 1.3.x"

http://www.caledonia.net/sysops.html

NO EMAIL PLEASE!!!!!

Marcel de Roode

unread,
Jan 7, 2004, 3:01:04 AM1/7/04
to
Joseph Moore [SysOp] wrote:

> Marcel de Roode:
>
>
>>Testing the same setup on a test server with a test tree yielded no
>>problems.
>>
>
>
> ok, what is the difference between the test server and the real server?
> Possibly the certificates?
>
> Joe Moore
> Novell Support Connection Volunteer Sysop

Sorry for the delayed response, holidays and all...

Since the test server is in a different tree with a different CA the
certificates will be different.
There are of course many differences between the test server and the
production server. I checked the TCP/IP stack and the NWFTPD.NLM

It used to work before the TCP/IP stack upgrade. After applying tcp853k
it still worked on the test server, not on the production. Reverting to
the original (NW5.1SP6) stack did not solve the problem.

Joseph Moore [SysOp]

unread,
Jan 7, 2004, 2:14:16 PM1/7/04
to
Marcel de Roode:

> After applying tcp853k
> it still worked on the test server, not on the production.
>

are you using the null encryption tcpip stack or the domestic
encryption one?

Joe Moore
Novell Support Connection Volunteer Sysop

http://just.fdisk-it.com - Coming soon:

Marcel de Roode

unread,
Jan 9, 2004, 5:23:12 AM1/9/04
to
Joseph Moore [SysOp] wrote:
> Marcel de Roode:
>
>
>>After applying tcp853k
>>it still worked on the test server, not on the production.
>>
>
>
> are you using the null encryption tcpip stack or the domestic
> encryption one?

Using the null ecryption stack.

Marcel de Roode

unread,
Jan 9, 2004, 5:28:04 AM1/9/04
to
Joseph Moore [SysOp] wrote:

> Marcel de Roode:
>
>
>>After applying tcp853k
>>it still worked on the test server, not on the production.
>>
>
>
> are you using the null encryption tcpip stack or the domestic
> encryption one?
>

I just noticed there is a new version of the TCP/IP stack, 583L. I'll
try that one also.

Joseph Moore [SysOp]

unread,
Jan 9, 2004, 10:40:48 AM1/9/04
to
Marcel de Roode:

> TCP/IP stack, 583L.
>

let me know if that one helps

Joseph Moore [SysOp]

unread,
Jan 9, 2004, 10:40:47 AM1/9/04
to
Marcel de Roode:

> Using the null ecryption stack.
>

hmmm...and the server that is working is also using null encryption?

0 new messages