我正在尝试将文件上传到FTP服务器(FTPS)。运行以下代码会产生异常:
根据验证,远程证书无效 过程
代码:
static void Main(string[] args)
{
FTPFactory ftp = new FTPFactory();
ftp.setDebug(true);
ftp.setRemoteHost("ftps.host");
//Connect to SSL Port (5920)
ftp.setRemotePort(5920);
ftp.loginWithoutUser();
string cmd = "AUTH SSL";
ftp.sendCommand(cmd);
//Create SSL Stream
ftp.getSslStream();
ftp.setUseStream(true);
//Login FTP Secure
// ftp.setRemoteUser(Settings.Default.TargetFtpSecureUser);
ftp.setRemoteUser("user");
// ftp.setRemotePass(Settings.Default.TargetFtpSecurePass);
ftp.setRemotePass("pass");
ftp.login();
//Set ASCII Mode
ftp.setBinaryMode(false);
//Upload file
// Send Argument if you want
// cmd = "site arg1 arg2";
// ftp.sendCommand(cmd);
ftp.upload("", false);
ftp.uploadSecure(@"Filepath", false);
ftp.close();
}
catch (Exception e)
{
Console.WriteLine("Caught Error :" + e.Message);
}
}
这是FTPFactory类:
using System;
using System.Net.Sockets;
namespace FTP_DLL
{
public class FTPFactory
{
public FTPFactory();
public void chdir(string dirName);
public void close();
public Socket createDataSocket();
public void deleteRemoteFile(string fileName);
public void download(string remFileName);
public void download(string remFileName, bool resume);
public void download(string remFileName, string locFileName);
public void download(string remFileName, string locFileName, bool resume);
public string[] getFileList(string mask);
public long getFileSize(string fileName);
public string getRemoteHost();
public string getRemotePath();
public int getRemotePort();
public void getSslStream();
public void getSslStream(Socket Csocket);
public void login();
public void loginWithoutUser();
public void mkdir(string dirName);
public void renameRemoteFile(string oldFileName, string newFileName);
public void rmdir(string dirName);
public void sendCommand(string command);
public void setBinaryMode(bool mode);
public void setDebug(bool debug);
public void setRemoteHost(string remoteHost);
public void setRemotePass(string remotePass);
public void setRemotePath(string remotePath);
public void setRemotePort(int remotePort);
public void setRemoteUser(string remoteUser);
public void setUseStream(bool value);
public void upload(string fileName, bool resume);
public void uploadSecure(string fileName, bool resume);
}
}
答案 0 :(得分:0)
我建议您查看this article
从听起来来看,问题是FTP服务器正在查看您的应用程序的证书,而不是接受它。正如他们在文章中解释的那样,有一些插件允许您为符合FTP服务器的应用程序获取/制作证书。
答案 1 :(得分:0)
我没有看到任何表明这是客户端证书问题的内容。您确定服务器上的证书是否与您正在使用的DNS名称或IP地址匹配且未过期?
我不熟悉您正在使用的FTPFactory类。您应该为其添加指向该网站的链接。
但是,如果用于执行SSL连接的基础类是.NET Framework的一部分,则可以通过将ServicePointManager.ServerCertificateValidationCallback设置为如下所示的委托来更改证书验证行为。其他库也可能具有覆盖证书验证行为的机制。
虽然这适用于测试,但我不建议绕过生产代码中的证书验证。应修复服务器提供的证书。
public static bool ServicePointManager_ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
bool allowCertificate = true;
if (sslPolicyErrors != SslPolicyErrors.None)
{
Console.WriteLine("Accepting the certificate with errors:");
if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateNameMismatch) == SslPolicyErrors.RemoteCertificateNameMismatch)
{
Console.WriteLine("\tThe certificate subject {0} does not match.", certificate.Subject);
}
if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateChainErrors) == SslPolicyErrors.RemoteCertificateChainErrors)
{
Console.WriteLine("\tThe certificate chain has the following errors:");
foreach (X509ChainStatus chainStatus in chain.ChainStatus)
{
Console.WriteLine("\t\t{0}", chainStatus.StatusInformation);
if (chainStatus.Status == X509ChainStatusFlags.Revoked)
{
allowCertificate = false;
}
}
}
if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateNotAvailable) == SslPolicyErrors.RemoteCertificateNotAvailable)
{
Console.WriteLine("No certificate available.");
allowCertificate = false;
}
Console.WriteLine();
}
return allowCertificate;
}