cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Curl command for FTPS (TLS)

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 31 Jan 2007 10:16:11 +0100 (CET)

On Wed, 31 Jan 2007, Sachin Sisodia wrote:

> We got a requirement to test the FTPS (over TLS). Earlier we were using FTPS
> (over SSL) and post file to our server and invoke its service through the
> following curl command:

Exactly what is the difference between TLS and SSL here according to you?

SSLv3 is the protocol that later was turned into TLSv1 when standardized, and
the SSL libs we use detect and use the "proper" version automatically.

> curl -E RANG00001-CC.pem --key RANG00001-CC-KEY.pem -k -v --connect-timeout
> 300 -T file_3MB.txt -P 10.172.30.90 --ftp-ssl
> ftp://10.171.44.97:8003/ns/TransportFTPS/putPlainFile/BMWEBILLSUNEDIFACTPAYMUL

... and this server speaks TLS only? And what happens, doesn't this work?

> I would appreciate if anyone can let me know what changes are required in
> above command to post file over TLS instead of SSL.

Try the -1/--tlsv1 option to force TLSv1 in the SSL/TLS layer negotiation.

By default, curl will send the "AUTH SSL" command first and then "AUTH TLS" on
the control connection when trying to activate FTP-SSL, but the command line
client has no option to switch this order (although the library knows how).
And the exact command name doesn't matter anwyay, since both commands could
very well negotiate SSL or TLS, depending on the previously mentioned option
and what the server wants.

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Received on 2007-01-31