Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

X509 certificates for SFTP #4

Closed
robinrodricks opened this issue Nov 3, 2016 · 3 comments
Closed

X509 certificates for SFTP #4

robinrodricks opened this issue Nov 3, 2016 · 3 comments
Labels
faq

Comments

@robinrodricks
Copy link
Owner

Is there a way to bundle an X509 certificate (from a file) or do I have to register it in the X509Store, and if so, which one?
@robinrodricks
Copy link
Owner Author

robinrodricks commented Nov 3, 2016
edited
Loading

Firstly see this FAQ entry - https://github.com/hgupta9/FluentFTP#client-certificates

You need the certificate added into your local store, and then do something like this:

FluentFTP.FtpClient client = new FluentFTP.FtpClient();
client.Host = "WWW.MYSITE.COM";
//client.Port = 6371;
client.Credentials = new NetworkCredential("USER","PASS");

// Select certificate and add to client
X509Store store = new X509Store("MY", StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
X509Certificate2Collection fcollection = (X509Certificate2Collection)collection.Find(X509FindType.FindByTimeValid, DateTime.Now, false);
X509Certificate2Collection scollection = X509Certificate2UI.SelectFromCollection(fcollection, "Select a certificate", "Select a certificate", X509SelectionFlag.MultiSelection); 

if (scollection.Count != 1)
{
    throw new Exception("Error: You have not chosen exactly one certificate");
 }
foreach (X509Certificate2 x509 in scollection)
{
    client.ClientCertificates.Add(x509);
}
store.Close();

//client.ReadTimeout = 10000;
client.Connect();

@robinrodricks
Copy link
Owner Author

robinrodricks commented Nov 3, 2016
edited
Loading

This is another way. And use X509Certificate2. I've been unable to get X509Certificate to work and from my reading it's because it's an incomplete implementation.

public void InitSFTP(){

    FluentFTP.FtpClient client = new FluentFTP.FtpClient();
    X509Certificate2 cert_grt = new X509Certificate2("C:\mycert.xyz"); 
    conn.Host = "WWW.MYSITE.COM";
    //conn.Port = 123;
    conn.Credentials = new NetworkCredential("USER", ""PASS""); 
    conn.EncryptionMode = FtpEncryptionMode.Explicit; 
    conn.DataConnectionType = FtpDataConnectionType.PASV; 
    conn.DataConnectionEncryption = true; 
    conn.EnableThreadSafeDataConnections = false; 
    conn.ClientCertificates.Add(cert_grt); 
    conn.ValidateCertificate += new FtpSslValidation(OnValidateCertificate); 
    conn.Connect();
}       

private void OnValidateCertificate(FtpClient control, FtpSslValidationEventArgs e)
{
    e.Accept = true;
}

@robinrodricks robinrodricks mentioned this issue Nov 3, 2016
Closed
@mirhagk mirhagk mentioned this issue Dec 17, 2016
Closed
@robinrodricks
Copy link
Owner Author

Moved to Wiki

robinrodricks pushed a commit that referenced this issue May 15, 2017
@jblacker
Merge pull request #4 from hgupta9/master
ee37678 
Pull from upstream
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
faq
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@robinrodricks