cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

FTPS issue

Former Member

on ‎11-19-2009 9:14 PM

0 Kudos

Hi Guys,

we are trying to send the file through FTPS. We have uploaded the certiifcate into VA tool.

1. we are using the port as 21. What are the port numbers in general to use for FTPS?

2. The certiifcate has CN = xxxxx.com and in this case is it mandatory to use the same name in file cc

3. we are getting the certiifcate chain error with port 21

4. No certiifcate error but time out error with port 90 or 900 or 990.

any help or suggestions would be really appreciated

Thanks,

Srini

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

abhay_rajhans2
Contributor
‎11-20-2009 9:47 AM
0 Kudos

Hi

Check this link may help

Show replies
Show replies
Former Member
‎11-24-2009 4:40 AM
0 Kudos

Hi Abhay,

We tried ping -a IP address on the PI server and its resolving to the proper DNS Name but when we try to send the messages still we are getting the error.

I have looked into the OSS note and it says as below, but our certificate is self signed and we dont have a CA. Is it necessary that the certiifcate needs to be signed by a CA?

After configuring a File Adapter FTPS communication channel, I

see the following error message in the Adapter Monitor:

iaik.security.ssl.SSLException: Server certificate rejected by

ChainVerifier. What do I need to configure to get my scenario

working?

o A: The File Adapter checks whether a trusted certificate chain

exists for the X.509 certificate of the FTP server it is connecting

to. A certificate chain is considered trusted if the chain is valid

and at least one of its certificates is directly trusted. If the

certificate chain is untrusted, the above exception is thrown. To

configure a single certificate or a certification authority's CA

certificate as directly trusted, add the respective X.509

certificate to the "Trusted CAs" view of the "Key Storage" service

in the SAP J2EE Visual Administrator. In most cases, this will be

the CA certificate that was used to sign the server certificate.

any help would be appreciated

Thanks,

Srini

Former Member
‎11-24-2009 2:12 PM
0 Kudos

Hi Srini,

Just get the self signed certificate signed by a CA such as Verisign or SAP TCS. There are some test certificates which are available on these sites. You can get your certificate request signed without any cost which will have limited period.

Try importing the certificates and root CA in Keystore.

Then give a try.

Revert with results.

Cheers...,

Raghu

Former Member
‎11-25-2009 3:37 AM
0 Kudos

Hi Raghu,

Thanks for your resonse.

we are sending the file over FTPS to a server xxxxx.com. We gave them our self signed public certifcate.

we did not get the certiifcate signed by a CA and we send the files its writng to the FTPS server and there is no data in it.

we are still gettting the error peer certifcate chain rejected error. Anbody got this worked out with selfsigned certiifcate?

any help or suggestions would be appreciated

Thanks,

Srini

Former Member
‎11-19-2009 10:19 PM
0 Kudos

Hi Guys,

I have found a link which talks about this problem

Looks like reverse DNS problem and i have checked in the website by giving the IP address and it confirms the site has

reverse DNS lookup

http://postmaster.aol.com/tools/rdns.html

we are looking into other tests and i will update as soon as we find something

Thanks,

Srini

Show replies
Show replies
Ask a Question