我无法使用带有自定义SSLContext的Apache FTPSClient通过FTPS连接到我的FTP服务器 - 获取“无法识别的SSL消息,明文连接?”

时间:2017-12-14 08:50:13

标签: java ftp ftps apache-commons-net ftp-server

我正在编写通过FTPS连接到FTP服务器的程序。

源代码:

String protocol = "TLS";
String host = "192.168.5.165";
String username = "usr";
String password = "111";
String trustStorePath = "C:/TEMP/truststore";
String trustStorePassword = "111111";
int port = 990;

FTPSClient client = new FTPSClient(protocol);

KeyStore trustStore = loadStore("JKS", new File(trustStorePath), trustStorePassword);
X509TrustManager trustManager = TrustManagerUtils.getDefaultTrustManager(trustStore);

SSLContext ctx = SSLContext.getInstance("TLSv1.1");
ctx.init(null, new TrustManager[] {trustManager}, null);

FTPSSocketFactory socketFactory = new FTPSSocketFactory(ctx);
client.setSocketFactory(socketFactory);

client.addProtocolCommandListener(new PrintCommandListener(new 
PrintWriter(System.out)));
client.connect(host, port);

我在trustStore导入了服务器证书。但运行此代码后,我收到此错误:

220 Wing FTP Server ready... (UNREGISTERED WING FTP SERVER)
AUTH TLS
234 AUTH command OK. Initializing TLS connection.

javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

  at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:710)
  at sun.security.ssl.InputRecord.read(InputRecord.java:527)
  at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
  at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
  at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
  at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
  at org.apache.commons.net.ftp.FTPSClient.sslNegotiation(FTPSClient.java:269)
  at org.apache.commons.net.ftp.FTPSClient._connectAction_(FTPSClient.java:211)
  at org.apache.commons.net.SocketClient.connect(SocketClient.java:183)
  at org.apache.commons.net.SocketClient.connect(SocketClient.java:203)
  at edtesb.remsenergy.FTPSTest.test(FTPSTest.java:63)

我做错了什么?

1 个答案:

答案 0 :(得分:0)

在我看来,你已经过度设计了它。

我不确定我能完全理解你的代码是做什么的,但我相信你无意中对连接进行了双重加密。

如果您确实想要连接到隐式FTPS端口990,请使用

using System;

// Namespace
namespace ConsoleApp22
{
    // Main Class
    class Program
    {
        // Entry Point Method
        static void Main(string[] args)
        {
            string name = "Florent Shomora";


            // start here 
            Console.Write("Hello World"+ name);
        }
    }
}

FTPSClient client = new FTPSClient(protocol, true); 是默认设置,也可以这样做:

protocol="TLS"

虽然隐含的FTPS已经过时,但最好使用显式FTPS(如果服务器支持,大多数情况下都是这样),通过连接到默认的FTP端口21:

FTPSClient client = new FTPSClient(true);

client.connect(host); // 990 is default, with FTPSClient with isImplicit=true

如果您需要自定义FTPSClient client = new FTPSClient(); client.connect(host); ,只需使用SSLContext的相应重载,例如:

FTPSClient
相关问题
最新问题