on 11-19-2009 9:14 PM
Hi Guys,
we are trying to send the file through FTPS. We have uploaded the certiifcate into VA tool.
1. we are using the port as 21. What are the port numbers in general to use for FTPS?
2. The certiifcate has CN = xxxxx.com and in this case is it mandatory to use the same name in file cc
3. we are getting the certiifcate chain error with port 21
4. No certiifcate error but time out error with port 90 or 900 or 990.
any help or suggestions would be really appreciated
Thanks,
Srini
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Abhay,
We tried ping -a IP address on the PI server and its resolving to the proper DNS Name but when we try to send the messages still we are getting the error.
I have looked into the OSS note and it says as below, but our certificate is self signed and we dont have a CA. Is it necessary that the certiifcate needs to be signed by a CA?
After configuring a File Adapter FTPS communication channel, I
see the following error message in the Adapter Monitor:
iaik.security.ssl.SSLException: Server certificate rejected by
ChainVerifier. What do I need to configure to get my scenario
working?
o A: The File Adapter checks whether a trusted certificate chain
exists for the X.509 certificate of the FTP server it is connecting
to. A certificate chain is considered trusted if the chain is valid
and at least one of its certificates is directly trusted. If the
certificate chain is untrusted, the above exception is thrown. To
configure a single certificate or a certification authority's CA
certificate as directly trusted, add the respective X.509
certificate to the "Trusted CAs" view of the "Key Storage" service
in the SAP J2EE Visual Administrator. In most cases, this will be
the CA certificate that was used to sign the server certificate.
any help would be appreciated
Thanks,
Srini
Hi Srini,
Just get the self signed certificate signed by a CA such as Verisign or SAP TCS. There are some test certificates which are available on these sites. You can get your certificate request signed without any cost which will have limited period.
Try importing the certificates and root CA in Keystore.
Then give a try.
Revert with results.
Cheers...,
Raghu
Hi Raghu,
Thanks for your resonse.
we are sending the file over FTPS to a server xxxxx.com. We gave them our self signed public certifcate.
we did not get the certiifcate signed by a CA and we send the files its writng to the FTPS server and there is no data in it.
we are still gettting the error peer certifcate chain rejected error. Anbody got this worked out with selfsigned certiifcate?
any help or suggestions would be appreciated
Thanks,
Srini
Hi Guys,
I have found a link which talks about this problem
Looks like reverse DNS problem and i have checked in the website by giving the IP address and it confirms the site has
reverse DNS lookup
http://postmaster.aol.com/tools/rdns.html
we are looking into other tests and i will update as soon as we find something
Thanks,
Srini
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.