Hi

I am having problems getting VisualCron to establish an FTPs connection (Explicit TLS) with a p12 certificate.

The message is:

ConnectThread (4)
Connection opened
FTP/S reply received: 220 Welcome to Axway Gateway FTP server
FTP/S command sent: AUTH TLS
FTP/S reply received: 234 AUTH command OK, waiting handshake
SSL Error: 75796, Fatal: True, Remote: True
Error occured while enabling SSL/TLS on command channel

I can get it to work without any hassle in two other tools: SmartFTP and CoreFTP LE. In both cases they use the certificate imported into Windows SSL: All I do there is setting the address and port, then import the certificate to Windows (via a wizard started from the programmes) and choose it for the connection. All connections (also VisualCron) are from the same host with no proxy.

In VisualCron I import the p12 certificate and enter the password. It is imported without error/warning. Then I mark the certificate under [Certificates] in the "FTP TLS Explicit (AUTH TLS)" Connection but no luck so far.

I have tried all combinations of "Channel encryption" and "Allowed SSL/TLS versions" (even though this should be negotiated automatically). Sometimes the SSL error is 75795, but it seems arbitrary. Most of the times it is 75796.

Am I doing this wrongly or are there limits in handling P12 certificates in VisualCron?

Thank you.

I think it is not related to certificate but TLS settings. Try setting TLS version to 1.2 (uncheck all other).

---

Thank you for looking into this! We realy want to use VisualCron for this, so we don't have to use another tool in this particular task.

I have created a new "FTP TLS Explicit" with the certificate to make sure everything is reset. Authentication is Anonymous (Password). Channel encryption: only the command channel is ticked (default). Only TLS version 1.2 is ticked. No other changes:

No luck. Still 75796.

I think our developers could test this with your connection settings and ceritifiate. That is probably the only way to resolve this besides brute-forcing different settings. If you can, please send all details to support@visualcron.com

---

The VisualCron developers discovered that the site I was connecting to, used an older cipher suite in TLS 1.0, and VC can not handle that. From a security standpoint this is good because TLS 1.2 should be used.

I found an acceptable workaround using WinSCP (a stable and trusted program) through an Execution task. All parameters, path to certificate and password is on the argument line within VC.

Example argument: /command "open ftpes://anonymous:gibberish@hostsite.com:1111/ -clientcert=""c:\my cert.p12"" -passphrase=mYpW42" "lcd c:\uploaddir" "put uploadfile.* /ftpdir/" "exit"