vsftpd SSL Issues
in [RedHat]
|
From: Troubled User on 3 Feb 2006 15:01 OS: RHEL 3 ES Using: vsftpd-2.0.3-1 (Built from vsftpd-2.0.3-1.src.rpm for Fedora Core 4) This problem has been driving me nuts. I can succesfully cannot and transfer files using a php script that I wrote (ftp_sconnect) However, every FTP cilent that I try other then the PHP script, I get an error at the same place. Here is the output from the clients. (Note at one point I did connect the server using FileZilla with TLS) OUTPUT FROM PHP Script ---------------------- [root(a)dev1 dcasey]# php !$ php ./ftpftpuser.php Content-type: text/html DEBUG>>> Using SSL: Yes DEBUG>>> Connection Established DEBUG>>> Login: Ok! Logged into web3.mydomain.tld, for user ftpuser DEBUG>>> We are now in passive mode DEBUG>>> Uploaded /home/dcasey/test.file to web3.mydomain.tld as /ToDRV/test.file DEBUG>>> Downloaded from web3.mydomain.tld as /home/dcasey/recieved.file DEBUG>>> Closing the FTP connection. [root(a)dev1 dcasey]# OUTPUT FROM CoreFTP ------------------------ Resolving web3.mydomain.tld... Connect socket #836 to 192.168.1.10, port 21... 220 Welcome to My Company FTP AUTH TLS 234 Proceed with negotiation. SSL/TLS error - 0, SSL error - 5 SSL Connection not established OUTPUT FROM FileZilla -------------------------- Status: Connecting to web3.mydomain.tld ... Trace: FtpControlSocket.cpp(5075): m_pSslLayer changed state from 0 to 1 caller=0x00a8c86c Trace: FtpControlSocket.cpp(5075): m_pSslLayer changed state from 1 to 2 caller=0x00a8c86c Trace: FtpControlSocket.cpp(5075): m_pSslLayer changed state from 2 to 4 caller=0x00a8c86c Trace: FtpControlSocket.cpp(938): OnConnect(0) OpMode=1 OpState=-8 caller=0x00a8c86c Status: Connected with web3.mydomain.tld, negotiating SSL connection... Trace: FtpControlSocket.cpp(761): OnReceive(0) OpMode=1 OpState=-8 caller=0x00a8c86c Response: 220 Welcome to My Company FTP Command: AUTH TLS Trace: FtpControlSocket.cpp(761): OnReceive(0) OpMode=1 OpState=-9 caller=0x00a8c86c Response: 234 Proceed with negotiation. Trace: FtpControlSocket.cpp(761): OnReceive(0) OpMode=1 OpState=-10 caller=0x00a8c86c Trace: FtpControlSocket.cpp(5075): m_pSslLayer changed state from 4 to 6 caller=0x00a8c86c Trace: FtpControlSocket.cpp(1916): OnClose(10053) OpMode=1 OpState=-10 caller=0x00a8c86c Error: Disconnected from server Trace: FtpControlSocket.cpp(1077): DoClose(0) OpMode=1 OpState=-10 caller=0x00a8c86c Trace: FtpControlSocket.cpp(3910): ResetOperation(4100) OpMode=1 OpState=-10 caller=0x00a8c86c Error: Unable to connect! Status: Waiting to retry... (5 retries left) OUTPUT FROM FireFTP ----------------------------------- FireFTP 0.90.1 'Modern Girl' Lead Programmer: [Mime Cuvalo], Assistant Programmers: [Devin, Scott Bentley] Please tip your programmer! All proceeds go to charity. Visit http://fireftp.mozdev.org to donate or learn more. Thank you! Need a freelance programmer? Email me: mimecuvalo(a)gmail.com 220 Welcome to My Company FTP AUTH TLS 234 Proceed with negotiation. PBSZ 0 OUTPUT FROM CuteFTP *** CuteFTP 7.0 - build Jun 6 2005 *** STATUS:> Getting listing ""... STATUS:> Resolving host name web3.mydomain.tld... STATUS:> Host name web3.mydomain.tld resolved: ip = 192.168.1.10. STATUS:> Connecting to FTP server web3.mydomain.tld:21 (ip = 192.168.1.10)... STATUS:> Socket connected. Waiting for welcome message... 220 Welcome to My Company FTP STATUS:> Connected. Authenticating... COMMAND:> AUTH TLS 234 Proceed with negotiation. STATUS:> Establishing SSL session. STATUS:> Initializing SSL module. STATUS:> Connected. Exchanging encryption keys... ERROR:> SSL: Error in negotiating SSL connection. The server could be rejecting your certificate.
From: Sam Watson on 9 Feb 2006 14:39 This sounds similar to a problem I am having. It has to do with passive mode of operations. If I disable passive mode there is no problem. Also I found that if I turn off the firewall (iptables) it works in passive mode. I don't have a solution as of yet but examine my post with a subject of VSFTP passive mode. Troubled User wrote: > OS: RHEL 3 ES > Using: vsftpd-2.0.3-1 (Built from vsftpd-2.0.3-1.src.rpm for Fedora Core 4) > > This problem has been driving me nuts. > I can succesfully cannot and transfer files using a php script that I wrote (ftp_sconnect) > > However, every FTP cilent that I try other then the PHP script, I get an error at the same place. > Here is the output from the clients. (Note at one point I did connect the server using FileZilla with TLS) > > > OUTPUT FROM PHP Script ---------------------- > [root(a)dev1 dcasey]# php !$ > php ./ftpftpuser.php > Content-type: text/html > > DEBUG>>> Using SSL: Yes > DEBUG>>> Connection Established > DEBUG>>> Login: Ok! > Logged into web3.mydomain.tld, for user ftpuser > DEBUG>>> We are now in passive mode > DEBUG>>> Uploaded /home/dcasey/test.file to web3.mydomain.tld as /ToDRV/test.file > DEBUG>>> Downloaded from web3.mydomain.tld as /home/dcasey/recieved.file > DEBUG>>> Closing the FTP connection. > [root(a)dev1 dcasey]# > > > > > > > > OUTPUT FROM CoreFTP ------------------------ > Resolving web3.mydomain.tld... > Connect socket #836 to 192.168.1.10, port 21... > 220 Welcome to My Company FTP > AUTH TLS > 234 Proceed with negotiation. > SSL/TLS error - 0, SSL error - 5 > SSL Connection not established > > > > > OUTPUT FROM FileZilla -------------------------- > Status: Connecting to web3.mydomain.tld ... > Trace: FtpControlSocket.cpp(5075): m_pSslLayer changed state from 0 to 1 caller=0x00a8c86c > Trace: FtpControlSocket.cpp(5075): m_pSslLayer changed state from 1 to 2 caller=0x00a8c86c > Trace: FtpControlSocket.cpp(5075): m_pSslLayer changed state from 2 to 4 caller=0x00a8c86c > Trace: FtpControlSocket.cpp(938): OnConnect(0) OpMode=1 OpState=-8 caller=0x00a8c86c > Status: Connected with web3.mydomain.tld, negotiating SSL connection... > Trace: FtpControlSocket.cpp(761): OnReceive(0) OpMode=1 OpState=-8 caller=0x00a8c86c > Response: 220 Welcome to My Company FTP > Command: AUTH TLS > Trace: FtpControlSocket.cpp(761): OnReceive(0) OpMode=1 OpState=-9 caller=0x00a8c86c > Response: 234 Proceed with negotiation. > Trace: FtpControlSocket.cpp(761): OnReceive(0) OpMode=1 OpState=-10 caller=0x00a8c86c > Trace: FtpControlSocket.cpp(5075): m_pSslLayer changed state from 4 to 6 caller=0x00a8c86c > Trace: FtpControlSocket.cpp(1916): OnClose(10053) OpMode=1 OpState=-10 caller=0x00a8c86c > Error: Disconnected from server > Trace: FtpControlSocket.cpp(1077): DoClose(0) OpMode=1 OpState=-10 caller=0x00a8c86c > Trace: FtpControlSocket.cpp(3910): ResetOperation(4100) OpMode=1 OpState=-10 caller=0x00a8c86c > Error: Unable to connect! > Status: Waiting to retry... (5 retries left) > > > > > OUTPUT FROM FireFTP ----------------------------------- > FireFTP 0.90.1 'Modern Girl' Lead Programmer: [Mime Cuvalo], Assistant Programmers: [Devin, Scott Bentley] > Please tip your programmer! All proceeds go to charity. Visit http://fireftp.mozdev.org to donate or learn more. Thank you! > Need a freelance programmer? Email me: mimecuvalo(a)gmail.com > 220 Welcome to My Company FTP > AUTH TLS > 234 Proceed with negotiation. > PBSZ 0 > > > > > OUTPUT FROM CuteFTP > *** CuteFTP 7.0 - build Jun 6 2005 *** > > STATUS:> Getting listing ""... > STATUS:> Resolving host name web3.mydomain.tld... > STATUS:> Host name web3.mydomain.tld resolved: ip = 192.168.1.10. > STATUS:> Connecting to FTP server web3.mydomain.tld:21 (ip = 192.168.1.10)... > STATUS:> Socket connected. Waiting for welcome message... > 220 Welcome to My Company FTP > STATUS:> Connected. Authenticating... > COMMAND:> AUTH TLS > 234 Proceed with negotiation. > STATUS:> Establishing SSL session. > STATUS:> Initializing SSL module. > STATUS:> Connected. Exchanging encryption keys... > ERROR:> SSL: Error in negotiating SSL connection. The server could be rejecting your certificate. >
|
Pages: 1 Prev: How to add build-in command into sudoers Cmnd_Alias? Next: Samba Log Errors |