cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: libcurl: Problem when connect to a shared hosting server over ftp+ssl

From: chu ngoc hung <hungcn_at_gmail.com>
Date: Tue, 5 Feb 2013 09:14:29 +0700

Thanks for your rely,

Yes, I use to connect to my host only for research purpose, and I've got a
success result for a FTP-SSL connection to connect to my local server
(self-signed certificate).
With current server (dysoft-mobile.com) when i disable host or peer
verification the connection is always timeout (both EPSV and PASV)
I've got the same result with FileZilla client but when I use Cyberduck
client the result is OK (although it alert me that the certificate is
invalid before it connect success).
And I use explicit FTP-SSL because this server support this type only.

On Tue, Feb 5, 2013 at 12:17 AM, Nick Zitzmann <nick_at_chronosnet.com> wrote:

>
> On Feb 4, 2013, at 3:48 AM, chu ngoc hung <hungcn_at_gmail.com> wrote:
>
> > Hi guys,
> >
> > I'm using libcurl version 7.28.0 - with ssl (openssl) - to connect to
> server dysoft-mobile.com hosting by bluehost.com with ftp+ssl connection.
> I downloaded certificate from this server and add to my ca path before
> connect to server. But I always get an error:
> > * Server certificate:
> > * subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard;
> CN=*.bluehost.com
> > * start date: 201
> > * expire date: 202
> > * subjectAltName does not match dysoft-mobile.com
> > * Closing connection #0
> > * SSL peer certificate or SSH remote key was not OK
> >
> > When I turn off verifying host/peer the connection is always timeout.
> >
> > Can you give me advice to fix this?
>
> You could disable host name verification, though I wouldn't recommend you
> do that unless this project of yours is for internal use only and isn't
> going to be used to connect to other servers. A better fix would be to get
> the host to issue and use a new certificate for the site using its proper
> domain name.
>
> And about the timeout: Does it work if you use any other client to connect
> to the server? Are you using implicit or explicit FTP-SSL? (There's a
> difference.)
>
> Nick Zitzmann
> <http://www.chronosnet.com/>
>
>
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette: http://curl.haxx.se/mail/etiquette.html
>

-- 
Chu Ngọc Hưng
Hanoi University Of Technology
Tel:+84904010806
E-Mail: hungcn_at_gmail.com, or ngochunghutit_at_yahoo.com

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-02-05