cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: FTP/SSL issue; Help!

From: Max <maxshop01_at_gmail.com>
Date: Sat, 4 Apr 2009 16:51:26 -0400

No, there is no firewall. Thanks

On Sat, Apr 4, 2009 at 7:15 AM, Markus Moeller <huaraz_at_moeller.plus.com> wrote:
> Do you know if there is a firewall in between ?
>
> Markus
>
> "Max" <maxshop01_at_gmail.com> wrote in message
> news:a4e55e0c0904031755y2b010e2bg5e7e908e71265a9f_at_mail.gmail.com...
> Hello Everyone,
>
> I have been trying unsuccessfully to connect to a FTP site over SSL
> using curl, and have run out of options. I was hoping somebody on this
> list can point me in the right direction.
>
> Here are the details and what I have tried so far:
>
> curl 7.19.1 (hppa2.0w-hp-hpux11.23) libcurl/7.19.1 OpenSSL/0.9.7m
> zlib/1.2.3 libidn/0.6.9
> Protocols: tftp ftp telnet dict http file https ftps
> Features: IDN IPv6 Largefile NTLM SSL libz
>
> 1). curl -k -v --user user01:pass01 --disable-epsv --cacert mycert.pem
> --ftp-ssl ftp://ftps.nnn.com
>
> * About to connect() to ftps.nnn.com port 21 (#0)
> * Trying xxx.xx.xxx.xx... connected
> * Connected to ftps.nnn.com (xxx.xx.xxx.xx) port 21 (#0)
> < 220 CONNECT:Enterprise Gateway 2.0.02. S11 FTP Server ready... 20:16:29
> 04-0
> 3-2009
>>
>> AUTH SSL
>
> < 234 AUTH: command accepted. Securing command channel ...
> * successfully set certificate verify locations:
> * CAfile: mycert.pem
> CApath: none
> * SSLv3, TLS handshake, Client hello (1):
> * SSLv3, TLS handshake, Server hello (2):
> * SSLv3, TLS handshake, CERT (11):
> * SSLv3, TLS handshake, Server finished (14):
> * SSLv3, TLS handshake, Client key exchange (16):
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv3, TLS handshake, Finished (20):
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv3, TLS handshake, Finished (20):
> * SSL connection using RC4-SHA
> * Server certificate:
> * subject: C=US, ST=State, L=City, O=Company, OU=Commercial De
> livery Servicies, CN=ftps.nnn.com
> * start date: 2009-02-27 19:28:24 GMT
> * expire date: 2010-12-30 19:58:23 GMT
> * common name: ftps.nnn.com (matched)
> * issuer: C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (li
> mits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server
> Certi
> fication Authority
> * SSL certificate verify result: unable to get local issuer certificate (
> 20), continuing anyway.
>>
>> USER user01
>
> < 331 Password required for user01.
>>
>> PASS pass01
>
> < 230 User user01 logged in. Session Id: 61262.
>>
>> PBSZ 0
>
> < 200 PBSZ command accepted.
>>
>> PROT P
>
> < 200 PROT command accepted. Data transactions will be secured.
>>
>> PWD
>
> < 257 "user01" is the current working Mailbox ID.
> * Entry path is 'user01'
>>
>> PASV
>
> * Connect data stream passively
> < 227 PASV Entering passive mode (zz,zz,zz,zz,z,zzz).
> * Trying zz.zz.zz.zz... Connection timed out
> * couldn't connect to host
> * Closing connection #0
> * SSLv3, TLS alert, Client hello (1):
> curl: (7) couldn't connect to host
>
>
> 2). curl -k -v --user user01:pass01 --list-only --disable-epsv
> --ftp-port - --disable-eprt --cacert mycert.pem --ftp-ssl
> ftp://ftps.nnn.com
>
> The log up to this point is the same as above.....
>
> * Entry path is 'user01'
>>
>> PORT 192,168,100,21,230,143
>
> < 200 PORT command successful.
> * Connect data stream actively
>>
>> TYPE A
>
> < 200 TYPE Command okay.
>>
>> NLST
>
> < 150 Opening data connection.
>
> At this point, it just stays there (hangs?) and I don't see anything.
> I have to Ctrl-C after a couple of minutes to exit.
>
>
> 3). curl -k -v --user user01:pass01 --list-only --disable-epsv
> --ftp-skip-pasv-ip --cacert mycert.pem --ftp-ssl ftp://ftps.nnn.com
>
> The log up to this point is the same as above.....
>
> * Entry path is 'user01'
>>
>> PASV
>
> * Connect data stream passively
> < 227 PASV Entering passive mode (zz,zz,zz,zz,zz,zzz).
> * Skips zz.zz.zz.zz for data connection, uses xxx.xx.xxx.xx instead
> *   Trying xxx.xx.xxx.xx... Connection refused
> * couldn't connect to host
> * Closing connection #0
> * SSLv3, TLS alert, Client hello (1):
> curl: (7) couldn't connect to host
>
>
> I am not sure what else to try. Any suggestions?
>
> Thanks!
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
> FAQ:        http://curl.haxx.se/docs/faq.html
> Etiquette:  http://curl.haxx.se/mail/etiquette.html
>
>
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
> FAQ:        http://curl.haxx.se/docs/faq.html
> Etiquette:  http://curl.haxx.se/mail/etiquette.html
>
-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-04-04