[lug] FTPS + SSL parameters question...
Bear Giles
bgiles at coyotesong.com
Fri Oct 11 10:03:24 MDT 2019
This is a stretch but I'm running out of ideas.
We're trying to connect to an FTPS server in implicit mode. The server
requires the data connection to use the same SSL parameters as the control
connection as an authentication mechanism.
Java isn't happy but I can force it by seeding the undocumented SSLSession
cache.
Bottom line is that my integration tests pass - I'm connecting to the
(Filezilla) server...
... but my actual application fails. I've verified that everything is lined
up and (AFAIK) it's creating the request with the correct SSL Parameters
but something, somehow, is changing them in flight.
I've checked with coworkers - we have a packet monitor but it doesn't do
deep packet inspection. We don't have a network proxy. I can't think of
anything else that would modify the SSL Parameters.
Any ideas, esp. something that would appear in a Java environment?
Unfortunately we can't ask the customer to change their server settings. We
can't try switching to mutual authentication (using SSL keypairs) either.
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20191011/daf295fa/attachment.html>
More information about the LUG
mailing list