× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. June 2015

Re: Where to find certificate info

I would double check that your FTPS server is running on port 21.

990 is the standard. Sometimes it's on 21.

Also, you may need to look closer at the docs if you're using TLS.. it may
be something like this:

s_client -connect yourserver:21 -starttls ftp

This should load a screen showing your cert that you can copy and paste
into a text docuement.
Again, this is covered here:
http://docs.bvstools.com/home/ssl-documentation/openssl

The examples shown are for SMTP using SSL and SMTP using TLS. Should be
very similar to your case, just FTP instead.

TLS requires a little more communication before you get the certificate
information than just plain SSL, which is why openSSL has the -starttls
option.

Brad Stone
www.bvstools.com


On Fri, Jun 26, 2015 at 4:10 PM, Justin Taylor <JUSTIN@xxxxxxxxxxxxx> wrote:

I did a QSH, typed "openssl" and it gave me a "OpenSSL>" prompt. I assume
that means I have OpenSSL installed. I went to Google to try and figure
out what to do with it (found this page here:
https://www.openssl.org/docs/apps/s_client.html).

I tried this command:
s_client -connect urlHere:21 -cert 'certificate Name Here'

Where "urlHere" is the URL of the FTP server I connect to, and
"certificate Name Here" is the name of my certificate (as defined in DCM).
The command gives an error saying it can't find my certificate.




-----Original Message-----
From: Scott Klement [mailto:midrange-l@xxxxxxxxxxxxxxxx]
Sent: Friday, June 26, 2015 3:12 PM
To: Midrange Systems Technical Discussion
Subject: Re: Where to find certificate info

Justin,

You can download the certificate (or just connect to the FTPS server)
using the openssl command-line tool and it'll dump all of the certificate
information to the screen. It is handy for debugging this sort of thing.

If you have OpenSSL installed in PASE, then you should have the
command-line tool available there.

There's a Windows command-line version of openssl that you can grab from
here if you don't want to fool with PASE:
http://www.scottklement.com/tools/openssl.exe

That Windows one is a very old version I threw on there a long time ago
(2007) so it may not be the best choice.

-SK



On 6/26/2015 3:05 PM, Justin Taylor wrote:
I've been asked what version of TLS and cipher a certain FTPS
certificate uses. I found the particular certificate in DCM, but it
doesn't show that info. I tried exporting the certificate to a stream
file, but Windows doesn't recognize the certificate.

Any idea how I can find out these two pieces of info?


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.