FTP over SecureSocket

Report · Feb 03, 2016

I'm developing an app which should transfer files to the web server over FTP protocol. For this purpose, I am using Socket class and communication works without any troubles. I am able to connect to the server, login and then download from or upload files to the server.

Now I want to implement secure connection over SSL too using SecureSocket class but I'm having issues to even establish connection with the server. From the class documentation I saw that SecureSocket requires a valid SSL v3.1 or TLS v1.0 certificate in order to connect to the server. I have checked the web server I'm using to test and I saw that this server has valid TLS v1.2 certificate set.

But, for some reason I cannot connect to it over SecureSocket class at all. When I try to connect, I'm always getting error below, with certificate status as "invalid":

ERROR: 2031 Error #2031: Socket Error. URL: xx.xx.xx

The code is very simple:

package
{
  import flash.display.Sprite;
  import flash.events.Event;
  import flash.events.IOErrorEvent;
  import flash.events.ProgressEvent;
  import flash.events.SecurityErrorEvent;
  import flash.net.SecureSocket;

  public class FTPS extends Sprite
  {
    private var ftp:SecureSocket;

    public function FTPS()
    {
      ftp = new SecureSocket();
      ftp.addEventListener(Event.CONNECT, onConnect);
      ftp.addEventListener(ProgressEvent.SOCKET_DATA, onData);
      ftp.addEventListener(IOErrorEvent.IO_ERROR, onError);
      ftp.addEventListener(SecurityErrorEvent.SECURITY_ERROR, onSecurityError);
      ftp.connect("xx.xx.xx", 21);
    }

    protected function onConnect(event:Event):void
    {
      trace("CONNECT");
    }

    protected function onData(event:ProgressEvent):void
    {
      trace("DATA:", ftp.readUTFBytes(ftp.bytesAvailable));
    }

    protected function onError(event:IOErrorEvent):void
    {
      trace("ERROR:", event.errorID, event.text, ftp.serverCertificateStatus);
    }

    protected function onSecurityError(event:SecurityErrorEvent):void
    {
      trace("SECURITY ERROR");
    }
  }
}

As wrote in the code, I'm trying to connect to xx.xx.xx host on port 21 which is actually the base domain for the server and certificate is issued specifically for this domain. If I use non-secure protocol (Socket class instead of SecureSocket), I'm able to connect and communicate with the server.

What I have tried is to connect to this server on port 443 (over https protocol) with SecureSocket class and when I do this the connection has been made successfully and then as certificate status I'm getting "trusted" which in case connecting over port 21 is "invalid" as mentioned above.

Can anyone tell me what I'm doing wrong or have any suggestion on what I need to do in code or how to set the web server? Is it possible at all to connect to the FTP server over SecureSocket class?

Thanks in advance!

Report · Oct 29, 2018

I have the same problem with a Let's Encrypt certificate with SecureSocket and FTPS explicit on port 21

2031:Error #2031: Socket Error. URL: ftp.mysite.com serverCertificateStatus:invalid

I use ProFtpd, it work with Filezilla

ProFtpd tls.log says :

SSL/TLS required but absent on control channel

Thanks

Report · Nov 15, 2018

ProFTPD work now, I found the right configuration of ProFTPD

TLSOptions UseImplicitSSL NoSessionReuseRequired

The data channel has a strange behaviour using TLS, it's neccesary to push the ftp command before to connect.

Adobe Community

FTP over SecureSocket