wodFtpDLX Hostcertificate event with FileZilla - WeOnlyDo Discussion board

wodFtpDLX Hostcertificate event with FileZilla (wodFtpDLX / wodFtpDLX.NET)

by newP, Wednesday, September 30, 2009, 20:03 (5534 days ago)

Hi,
We are using FileZilla Server and trying to implement an FTPS (implicit) connection with certificates in our application using the wodFtpDLX COM-based DLL.
As far as the FTPS connection goes, our code is very similar to what is in the sample project ..\WeOnlyDo.Com\FtpDLX\Samples\VC\MFC\2. COM Object With Events\WithEvents.dsw, which is there after installing WeOnlyDo.
What this sample doesn't show is how to implement certificate verification: how to use the HostCertificate event to verify that the client has a valid key. We are using FileZilla Server and the certificate was created using FileZilla's built-in certificate generator.
If you could provide a similar VC++ sample that implements the HostCertificate event, that would be a great help. As a result of this, even if our connection is successful, we cannot copy files using FTPS.

Thank you very much for your help.
NewP

Re: wodFtpDLX Hostcertificate event with FileZilla

by woddrazen, Wednesday, September 30, 2009, 21:09 (5534 days ago) @ newP

Hi,


The server certificate is accepted automatically if you don't add any code inside the wodFtpDLX HostCertificate event.

Can we maybe duplicate your problem with file transfer? File transfer should work. Did you try to transfer file with some other FTPS client maybe?

HostCertificate Event fires when remote server provides its certificate. I'm not sure what exactly you want to do inside HostCertificate Event.

You can show server certificate in HostCertificate Event to user using Certificate Show Method.
[code]Cert.Show ("Server cert")[/code]

If you want to save certificate you can use Certificate Save Method.
[code]Cert.Save ("c:\cert.cer")[/code]

If you want to check the server certificate the next time the user tries to connect to that server using wodFtpDLX, you can compare the locally saved server certificate (which can be saved using cert.Save in the HostCertificate event) with the one that the server provides.

To do that, you can compare the server certificate's public key in the HostCertificate event with the one saved locally.
[code]Dim cert_local As Certificate
Set cert_local = New Certificate

cert_local.Load "c:\cert.cer"

If cert_local.PublicKeyOpenSSH = cert.PublicKeyOpenSSH Then
    Accept = True
Else
    MsgBox "Wrong certificate"
    Accept = False
End If[/code]
This is VB6 code but you can easily convert it to VC++. If you have some problem let us know and we will try to help you.

Hope this helps.


Regards,
Drazen
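
The comparison described in the reply above (store the server's key once, then compare it on every later connection), written out as an added C++ example; it is not WeOnlyDo's code or part of the original post. `CheckPinnedKey`, `ShouldAccept` and the pin file name are hypothetical, and the key is assumed to be the one-line `type base64 [comment]` text that a property such as PublicKeyOpenSSH would return; the result is the value a HostCertificate handler would assign to Accept.

```cpp
#include <cstdio>
#include <fstream>
#include <sstream>
#include <string>

enum class PinResult { FirstUse, Match, Mismatch, Invalid };

// Keep only "<key-type> <base64>" so a trailing comment, extra spaces or a
// newline in either copy cannot cause a false mismatch.
static std::string NormalizeKey(const std::string& text) {
    std::istringstream in(text);
    std::string type, blob;
    if (!(in >> type >> blob)) return std::string();
    return type + " " + blob;
}

// Hypothetical helper: compare the key the server presented with the pinned one.
PinResult CheckPinnedKey(const std::string& pinFile, const std::string& presented) {
    const std::string key = NormalizeKey(presented);
    if (key.empty()) return PinResult::Invalid;        // nothing usable presented
    std::ifstream in(pinFile.c_str());
    if (!in) {                                         // no pin yet: record this key
        std::ofstream out(pinFile.c_str(), std::ios::trunc);
        out << key << std::endl;
        return out.good() ? PinResult::FirstUse : PinResult::Invalid;
    }
    std::string stored;
    std::getline(in, stored);
    stored = NormalizeKey(stored);
    if (stored.empty()) return PinResult::Invalid;     // damaged pin file: fail closed
    return stored == key ? PinResult::Match : PinResult::Mismatch;
}

// Value for the handler's Accept flag; a first use counts only if the caller allows it.
bool ShouldAccept(PinResult r, bool allowFirstUse) {
    return r == PinResult::Match || (r == PinResult::FirstUse && allowFirstUse);
}

int main() {
    const char* pin = "pinned_key_demo.txt";   // constructed file name and keys
    std::remove(pin);
    bool first = ShouldAccept(CheckPinnedKey(pin, "ssh-rsa AAAAdemoKeyA host-a"), true);
    bool again = ShouldAccept(CheckPinnedKey(pin, "ssh-rsa AAAAdemoKeyA\n"), false);
    bool other = ShouldAccept(CheckPinnedKey(pin, "ssh-rsa AAAAdemoKeyB host-a"), true);
    std::printf("first=%d again=%d other=%d\n", first, again, other);
    std::remove(pin);
    return 0;
}
```

Unlike an empty handler, every outcome other than a match or a permitted first use rejects the connection.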

Re: wodFtpDLX Hostcertificate event with FileZilla

by newP, Friday, October 02, 2009, 23:13 (5532 days ago) @ woddrazen

Thank you for response.
Unfortunately I am not able to establish a successful FTPS connection using certificates. Down to the simplest example, I am just trying to run a sample from ..\Program Files\WeOnlyDo.Com\FtpDLX\Samples\VB\Component\5. Certificate Authorization with FTP+SSL protocol
I have a certificate generated using FileZilla server, and FileZilla Client can connect to the server and do the directory listing.
This example can't. What do I have to do prior to hitting connect? I am just using the Load button to load the certificate, entering host, user, password and protocol, and hitting 'connect'. What is the loading and saving of the private key for? Can you please explain how to make a successful FTPS connection with certs in this example? I can send you my cert file; I am using FileZilla server.
Thanks really appreciate your help.

Re: wodFtpDLX Hostcertificate event with FileZilla

by woddrazen, Friday, October 02, 2009, 23:23 (5532 days ago) @ newP

Hi,


Did you load certificate in FileZilla client when you connect to FileZilla server?

I'm asking this because I'm not sure that FileZilla server supports certificate authentication. I see only options for password authentication in FileZilla server settings.

Why don't you try 1. Simple wodFtpDLX sample and try to connect to server using only login and password? In sample please try with all FTPS protocol types. Also please make sure that FTPS is enabled on server side.

Let us know how it goes.


Drazen

Re: wodFtpDLX Hostcertificate event with FileZilla

by newP, Friday, October 02, 2009, 23:37 (5532 days ago) @ woddrazen

I did not load a certificate in FileZilla Client. I don't know where to do that. I just went into Site Manager and added host, port, protocol, user name and password for a 'Normal' connection. It connected fine. I have also imported this cert into Trusted Root Certificates under local machine and current user using MMC.

And yes, simple FTP on port 21 connects -- that sample of WeOnlyDo connects fine ... With certs is the problem. It is unclear to me what is needed and how the verification process happens. Does the client have to request the connection with a private key? I don't see private key inclusion anywhere in FileZilla server or client.

Thanks again
NewP

Re: wodFtpDLX Hostcertificate event with FileZilla

by woddrazen, Friday, October 02, 2009, 23:56 (5532 days ago) @ newP

Hi,


The problem is that FileZilla server probably doesn't support certificate or private key authentication. So you cannot use it there.

You can use only password authentication.

The server certificate you are mentioning is something else. When you want to create a server that uses the FTPS protocol (FTP+SSL), a certificate should be loaded on the server side in order to start that server.

When a client connects to that server, the server sends its certificate to the client so the client can be sure that this is the real server it wants to connect to.

Certificate authentication is something else. In certificate authentication the client uses its own certificate and private key on the client side and uses that certificate when it tries to connect to the server. The server has that certificate and checks whether the same certificate is used.

If the same certificate is used, it allows the client to connect to the server. Unfortunately this is (probably) not supported by FileZilla server.

More help about authentication types you can find in Authentication Property:
http://www.weonlydo.com/FtpDLX/Help/wodFtpDLXLib~wodFtpDLX~Authentication.html


Drazen

Re: wodFtpDLX Hostcertificate event with FileZilla

by newP, Monday, October 12, 2009, 20:56 (5522 days ago) @ woddrazen

Hi,

Thank you for your response. I have been trying to solve this and tried many things ... still unsuccessful in establishing a connection with the WeOnlyDo FTP client and FileZilla Server. Using a certificate generated using FileZilla server, FileZilla Client connects to the server fine, the SSL connection is established and file transfer is successful. I am trying to do the same thing with the WeOnlyDo client. I am using the VB6 example that came with WOD. I can send the certificate file as well as the example code so you can help me figure out what could be the problem. The error I am getting is either "30026: Failed to load key or certificate. Password invalid?" or "30011: Private key doesn't belong to certificate".

Please let me know.

thanks

Re: wodFtpDLX Hostcertificate event with FileZilla

by woddrazen, Monday, October 12, 2009, 22:51 (5522 days ago) @ newP

Hi,


Can you give us some instructions on how to enable certificate or private key authentication in FileZilla server?

I'm trying to get it to work in the latest 0.9.33 version of FileZilla server but I cannot find that option for some reason.

However I tried password authentication and wodFtpDLX works like a charm with FileZilla server.

I'm using 1. Simple VB sample and was able to connect to FileZilla server and transfer file without any problem.


Drazen

Re: wodFtpDLX Hostcertificate event with FileZilla

by newP, Monday, October 12, 2009, 23:32 (5522 days ago) @ woddrazen

Actually I got the secure connection (using FTPS - using certificate) going with the WOD client and FileZilla Server. It was quite a breakthrough. I am also getting the HostCertificate event fired. So I think I am good till I get stuck with something else.

thanks.

Re: wodFtpDLX Hostcertificate event with FileZilla

by newP, Monday, October 26, 2009, 15:18 (5508 days ago) @ newP

Ok...I am stuck again.

Everything (which includes the secure FTPS connection with FileZilla using certificates, file Get and Put) works fine in VB 6.0. I can also do the secure FTPS connection in VC++ (MFC), but now I am stuck getting the Receive function to work in VC++. Unfortunately the VB 6.0 code is inside the wrapper, so I can't really see what the GET or PUT sub in VB is actually doing.

I would really really appreciate if you can send me Working example of file transfer in VC++, I think that includes implementation of Receive, GetFiles, FindFiles etc.

Thank you very much.

Re: wodFtpDLX Hostcertificate event with FileZilla

by wodDamir, Monday, October 26, 2009, 15:34 (5508 days ago) @ newP

Hi,

Can you please contact us on techsupport@weonlydo.com and explain exactly what sample you need, since wodFtpDLX doesn't have either FindFiles, or Receive methods/functions?

Regards,
Damba

Re: wodFtpDLX Hostcertificate event with FileZilla

by newP, Monday, October 26, 2009, 22:56 (5508 days ago) @ wodDamir

Thanks Damir,
OK... let's take it step by step. I am following the 2. COM Object With Events sample (on my disk it resides at C:\Program Files\WeOnlyDo.Com\FtpDLX\Samples\VC\MFC) that came with WOD. Originally the sample is using Certificate authentication. So I made changes to it to do just that. Below is the code for the OnConnect method in 'WithEventsView.cpp'. This is the only function I have changed and you can compare this to see the changes from the original one.

[code]void CWithEventsView::OnConnect()
{
    VARIANT var;

    var.vt = VT_ERROR;

    ICertificate Cert;
    LPCTSTR certPath;
    VARIANT cPass;
    AfxVariantInit(&cPass);
    certPath = "C:\\Program Files\\FileZilla Server\\FZCert.crt";
    int iPort = 990;

    // no arguments

    UpdateData(TRUE);
    int prot = m_Protocol.GetCurSel();
    Cert.Load(certPath, cPass);
    Cert.LoadKey(certPath, cPass);
    m_Ftp.SetHostname(m_strHostname);
    m_Ftp.SetLogin(m_strLogin);
    m_Ftp.SetPassword(m_strPassword);
    m_Ftp.SetProtocol(prot);
    m_Ftp.SetPort(iPort);
    m_Ftp.SetAuthentication(2);

    VARIANT varHost;
    AfxVariantInit(&varHost);
    varHost.vt = VT_BSTR;
    varHost.bstrVal = m_strHostname.AllocSysString();

    VARIANT varPort;
    AfxVariantInit(&varPort);
    varPort.vt = VT_I4;
    varPort.iVal = iPort;

    VARIANT varProtocol;
    AfxVariantInit(&varProtocol);
    varProtocol.vt = VT_I4;
    varProtocol.iVal = prot;
    Debug("CONNECTING...\n");

    m_Ftp.Connect(varHost, varPort, varProtocol);
}[/code]

This is giving me 'unknown exception' on the last statement where it actually connects. You might have noted from my previous posts that the exact same code works in VB 6.0 and I also get HostCertificate event. I can zip and send the VB 6.0 sample if you need me to.
So I wish this sample to work the same way, first connect using authCertificate, and then GetFiles and PutFiles.
That's all!

Your help is greatly appreciated.
Thanks

Re: wodFtpDLX Hostcertificate event with FileZilla

by woddrazen, Monday, October 26, 2009, 23:12 (5507 days ago) @ newP

Hi,


Can you please zip and send a simple VB6 sample to techsupport@weonlydo.com, so we can prepare the same sample for you in VC++?


Drazen

Re: wodFtpDLX Hostcertificate event with FileZilla

by newP, Tuesday, October 27, 2009, 16:42 (5507 days ago) @ woddrazen

Thank you. I just sent the VB 6.0 sample, along with the certificate file that I am using for the sample, to the email address provided. Looking forward to hearing from you.

Thanks for your support.