[opensuse] Self-signed certificate not accepted
Hi, I'm not an expert in this area, but I've just setup a website on a remote server. The server admin has given me the ftp login details, but recommends I use ftps for file transfers. He requested me to use port 21. I am able to login with vanilla ftp, but ftps fails with an error... [...] Connected to xxx.org:21 220 Welcome to xxx's FTP for your site! AUTH TLS 234 Proceed with negotiation. Error with certificate at depth: 0 Issuer = /C=GB/ST=-/L=-/O=-/OU=-/CN=-/emailAddress=- Subject = /C=GB/ST=-/L=-/O=-/OU=-/CN=-/emailAddress=- Error 18:self signed certificate Disconnecting from site xxx.org The ftp server admin says I'm not accepting his self-signed certificate. He says it works for him on both Windows and Mac. Where should I look to fix this? My system is openSUSE 11.2 & KDE 4.3.5 Thanks, Bob -- Registered Linux User #463880 FSFE Member #1300 GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E openSUSE 11.2, Kernel 2.6.31.12-0.2-desktop, KDE 4.3.5 Intel Core2 Quad Q9400 2.66GHz, 4GB DDR RAM, nVidia GeForce 9600GT -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 05/12/2010 01:49 PM, Bob Williams wrote:
Hi,
I'm not an expert in this area, but I've just setup a website on a remote server. The server admin has given me the ftp login details, but recommends I use ftps for file transfers. He requested me to use port 21. I am able to login with vanilla ftp, but ftps fails with an error...
[...] Connected to xxx.org:21 220 Welcome to xxx's FTP for your site! AUTH TLS 234 Proceed with negotiation. Error with certificate at depth: 0 Issuer = /C=GB/ST=-/L=-/O=-/OU=-/CN=-/emailAddress=- Subject = /C=GB/ST=-/L=-/O=-/OU=-/CN=-/emailAddress=- Error 18:self signed certificate Disconnecting from site xxx.org
The ftp server admin says I'm not accepting his self-signed certificate. He says it works for him on both Windows and Mac. Where should I look to fix this?
My system is openSUSE 11.2 & KDE 4.3.5
Thanks,
Bob
Bob, It will be a setting in your ftp client config or ssl config. Most likely the ftp client. Basically, you need to find the setting that prevents accepting the self-signed certificate. What client are you using? If you are using the command line, then it will be your ssl config. The system wide client config is /etc/ssh/ssh_config. You can also create a per-user override by creating ~/.ssh/config. I don't know the exact setting, but you could probably google 'opensuse sftp self-signed certificate not accepted' and find what you need. Good luck :p -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 5/12/2010 3:19 PM, David C. Rankin wrote:
On 05/12/2010 01:49 PM, Bob Williams wrote:
Hi,
I'm not an expert in this area, but I've just setup a website on a remote server. The server admin has given me the ftp login details, but recommends I use ftps for file transfers. He requested me to use port 21. I am able to login with vanilla ftp, but ftps fails with an error...
[...] Connected to xxx.org:21 220 Welcome to xxx's FTP for your site! AUTH TLS 234 Proceed with negotiation. Error with certificate at depth: 0 Issuer = /C=GB/ST=-/L=-/O=-/OU=-/CN=-/emailAddress=- Subject = /C=GB/ST=-/L=-/O=-/OU=-/CN=-/emailAddress=- Error 18:self signed certificate Disconnecting from site xxx.org
The ftp server admin says I'm not accepting his self-signed certificate. He says it works for him on both Windows and Mac. Where should I look to fix this?
My system is openSUSE 11.2& KDE 4.3.5
Thanks,
Bob
Bob,
It will be a setting in your ftp client
Correct.
config or ssl config. Most likely the ftp client. Basically, you need to find the setting that prevents accepting the self-signed certificate. What client are you using? If you are using the command line, then it will be your ssl config. The system wide client config is /etc/ssh/ssh_config. You can also create a per-user override by creating ~/.ssh/config. I don't know the exact setting, but you could probably google 'opensuse sftp self-signed certificate not accepted' and find what you need. Good luck
And all the rest of this is wrong. ftps has nothing whatsoever to do with sftp or ssh curl -k ... wget --no-check-certificate or "set ssl:verify-certificate no" in lftp -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 12 May 2010 22:10:22 Brian K. White wrote:
On 5/12/2010 3:19 PM, David C. Rankin wrote:
On 05/12/2010 01:49 PM, Bob Williams wrote:
Hi,
I'm not an expert in this area, but I've just setup a website on a remote server. The server admin has given me the ftp login details, but recommends I use ftps for file transfers. He requested me to use port 21. I am able to login with vanilla ftp, but ftps fails with an error...
[...] Connected to xxx.org:21 220 Welcome to xxx's FTP for your site! AUTH TLS 234 Proceed with negotiation. Error with certificate at depth: 0 Issuer = /C=GB/ST=-/L=-/O=-/OU=-/CN=-/emailAddress=- Subject = /C=GB/ST=-/L=-/O=-/OU=-/CN=-/emailAddress=- Error 18:self signed certificate Disconnecting from site xxx.org
The ftp server admin says I'm not accepting his self-signed certificate. He says it works for him on both Windows and Mac. Where should I look to fix this?
My system is openSUSE 11.2& KDE 4.3.5
Thanks,
Bob
Bob,
It will be a setting in your ftp client
Correct.
config or ssl config. Most likely the ftp client. Basically, you need to find the setting that prevents accepting the self-signed certificate. What client are you using? If you are using the command line, then it will be your ssl config. The system wide client config is /etc/ssh/ssh_config. You can also create a per-user override by creating ~/.ssh/config. I don't know the exact setting, but you could probably google 'opensuse sftp self-signed certificate not accepted' and find what you need. Good luck
And all the rest of this is wrong. ftps has nothing whatsoever to do with sftp or ssh
curl -k ... wget --no-check-certificate or "set ssl:verify-certificate no" in lftp
That's it! In gFTP Options > SSL Engine > deselect 'Verify SSL Peer' Many thanks. Bob -- Registered Linux User #463880 FSFE Member #1300 GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E openSUSE 11.2, Kernel 2.6.31.12-0.2-desktop, KDE 4.3.5 Intel Core2 Quad Q9400 2.66GHz, 4GB DDR RAM, nVidia GeForce 9600GT -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, May 12, 2010 at 11:16:59PM +0100, Bob Williams wrote:
On Wednesday 12 May 2010 22:10:22 Brian K. White wrote:
On 5/12/2010 3:19 PM, David C. Rankin wrote:
On 05/12/2010 01:49 PM, Bob Williams wrote:
Hi,
I'm not an expert in this area, but I've just setup a website on a remote server. The server admin has given me the ftp login details, but recommends I use ftps for file transfers. He requested me to use port 21. I am able to login with vanilla ftp, but ftps fails with an error...
[...] Connected to xxx.org:21 220 Welcome to xxx's FTP for your site! AUTH TLS 234 Proceed with negotiation. Error with certificate at depth: 0 Issuer = /C=GB/ST=-/L=-/O=-/OU=-/CN=-/emailAddress=- Subject = /C=GB/ST=-/L=-/O=-/OU=-/CN=-/emailAddress=- Error 18:self signed certificate Disconnecting from site xxx.org
The ftp server admin says I'm not accepting his self-signed certificate. He says it works for him on both Windows and Mac. Where should I look to fix this?
My system is openSUSE 11.2& KDE 4.3.5
Thanks,
Bob
Bob,
It will be a setting in your ftp client
Correct.
config or ssl config. Most likely the ftp client. Basically, you need to find the setting that prevents accepting the self-signed certificate. What client are you using? If you are using the command line, then it will be your ssl config. The system wide client config is /etc/ssh/ssh_config. You can also create a per-user override by creating ~/.ssh/config. I don't know the exact setting, but you could probably google 'opensuse sftp self-signed certificate not accepted' and find what you need. Good luck
And all the rest of this is wrong. ftps has nothing whatsoever to do with sftp or ssh
curl -k ... wget --no-check-certificate or "set ssl:verify-certificate no" in lftp
That's it! In gFTP Options > SSL Engine > deselect 'Verify SSL Peer'
You can also use unencrypted ftp connections in this case, it is as-secure as switching off peer verification. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 12 May 2010 23:19:49 Marcus Meissner wrote:
On Wed, May 12, 2010 at 11:16:59PM +0100, Bob Williams wrote:
On Wednesday 12 May 2010 22:10:22 Brian K. White wrote:
On 5/12/2010 3:19 PM, David C. Rankin wrote:
On 05/12/2010 01:49 PM, Bob Williams wrote:
Hi,
I'm not an expert in this area, but I've just setup a website on a remote server. The server admin has given me the ftp login details, but recommends I use ftps for file transfers. He requested me to use port 21. I am able to login with vanilla ftp, but ftps fails with an error... [...] ftps has nothing whatsoever to do with sftp or ssh
curl -k ... wget --no-check-certificate or "set ssl:verify-certificate no" in lftp
That's it! In gFTP Options > SSL Engine > deselect 'Verify SSL Peer'
You can also use unencrypted ftp connections in this case, it is as-secure as switching off peer verification.
Ciao, Marcus
Understood. But my ftp server admin strongly recommended I use ftps. I've tried to enlighten him, following your advice. Bob -- Registered Linux User #463880 FSFE Member #1300 GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E openSUSE 11.2, Kernel 2.6.31.12-0.2-desktop, KDE 4.3.5 Intel Core2 Quad Q9400 2.66GHz, 4GB DDR RAM, nVidia GeForce 9600GT -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 05/12/2010 04:10 PM, Brian K. White wrote:
It will be a setting in your ftp client
Correct.
And all the rest of this is wrong. ftps has nothing whatsoever to do with sftp or ssh
Batting 500 on Wednesday -- not bad :p -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 13 May 2010 02:45:47 David C. Rankin wrote:
On 05/12/2010 04:10 PM, Brian K. White wrote:
It will be a setting in your ftp client
Correct.
And all the rest of this is wrong. ftps has nothing whatsoever to do with sftp or ssh
Batting 500 on Wednesday -- not bad :p
Your input is always appreciated, David. :) Bob -- Registered Linux User #463880 FSFE Member #1300 GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E openSUSE 11.2, Kernel 2.6.31.12-0.2-desktop, KDE 4.3.5 Intel Core2 Quad Q9400 2.66GHz, 4GB DDR RAM, nVidia GeForce 9600GT -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 5/12/2010 9:45 PM, David C. Rankin wrote:
On 05/12/2010 04:10 PM, Brian K. White wrote:
It will be a setting in your ftp client
Correct.
And all the rest of this is wrong. ftps has nothing whatsoever to do with sftp or ssh
Batting 500 on Wednesday -- not bad :p
No sweat man, no sweat. :) -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (4)
-
Bob Williams
-
Brian K. White
-
David C. Rankin
-
Marcus Meissner