> "Max" <maxshop01_at_gmail.com> wrote in message
> news:a4e55e0c0904070646q7236da61p7343e631d6dffd9c_at_mail.gmail.com...
> I did some further investigation and also contacted the "server"
> company, and here is what they said:
>
> "Your FTP client must also be able to send the CCC (clear control
> channel) command and support sever authentication. Client
> authentication is not supported". I am not very clear on what exactly
> they mean by server and client authentication.
>

I think they mean server ssl certs and client ssl certs

> I tried --ftp-ssl-ccc (jnstead of --ftp-ssl), but it failed right away
> at the USER command saying that the "Server policy requires that all
> clients be secured. Access denied 503". I also tried changing the CCC
> mode to active (--ftp-ssl-ccc-mode active), but got the same error.
>

Here I assume that after the inital connection has to be fully SSL encrypted
till the password is send to just protect the password. After that, but
before any other command send a ccc. This will change the mode to clear and
therefore the FW can inspect the port/pasv command.

> I have asked them if they use a specific port range for passive
> connections, and am waiting for a response.
>
> Thanks

Regards
Markus

-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-04-07