How to use FTPs in SSL Sockets?

hello Guy's
can i transfer file using FTPs in ssl....
need an urgent help in this reguard...

Hi,
you need to get new certificate for iWS. It not possible to use same certificate, which one you got for weblogic server.
I hope this helps.
Thanks,
Dakshin.
Developer Technical Support
Sun Microsystems
http://www.sun.com/developers/support.

Similar Messages

Dreamweaver (on Windows 7) wont connect to IIS (v7) Server using "FTP over SSL/TLS..."

I am evauating wether to purchase Dreamweaver CS6...
Dreamweaver CS6 trial (on Windows 7) wont connect to IIS (v7) Server using "FTP over SSL/TLS (explicit encryption)". I have a NEW Godaddy SSL certificate installed on the IIS server.
On connecting Dreamweaver states: "Server Certificate has expired or contains invalid data"
I have tried:
-ALL the Dreamweaver Server setup options
-Using multiple certificates (tried 2048 bit and 4096 bit Godaddy SSL certificates)
-Made sure the certificate 'issued to' domain name matches my domain name.
I am able to connect no problem using Filezilla, with equivalent Filezilla setting "Require explicit FTP over TLS". I can also connect fine using Microsoft Expression web.

Thanks for your prompt reply.
My comments:
1) You should update your tread (forums.adobe.com/thread/889530) to reflect that it still occurs on CS6 (I had already read it but figured it was an old tread and thus should be fixed by now).
2) You said “These warnings will also pop up for your users if you have a store saying the SSL certificate does not match the domain/ip and this can make users checking out in a storefront very nervous” . This does not seem to be correct – my https pages display properly using the same Godaddy certificate … using IE:
3) Godaddy is not my host (I use Amazon AWS) – but the SSL certificate is from them.

Crash connection over Internet using TCP/IP SSL sockets

I'm doing a file Transfer WEB Client/server Application using TCP/IP SSL Sockets?
In an internal LAN the file Transfer work pretty well but in Internet this Crash (downturn the file transfer).
the code in Client to connect to server is:
SSLSocketFactory sslFact = (SSLSocketFactory)SSLSocketFactory.getDefault();
socket = (SSLSocket)sslFact.createSocket(c.site, c.PORT);
String [] enabledCipher = socket.getSupportedCipherSuites ();
socket.setEnabledCipherSuites (enabledCipher);
out = new ObjectOutputStream(socket.getOutputStream());
in = new ObjectInputStream(socket.getInputStream());
The code in Server to wait client connections is:
Runtime.getRuntime().addShutdownHook(new ShutdownThread(this));
try {
SSLServerSocketFactory factory = (ServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket sslIncoming =
(SSLServerSocket) factory.createServerSocket (PORT);
String [] enabledCipher = sslIncoming.getSupportedCipherSuites ();
sslIncoming.setEnabledCipherSuites (enabledCipher);
while(running) {
SSLSocket s = (SSLSocket)sslIncoming.accept();
newUser(s, pauseSyn);
} catch (IOException e) { System.out.println("Error: " + e); }
Some help with this topic, show me the ligth? what is bad?

Hi,
Can you show us the stacktrace?
/Kaj

How to Use Schannel for TLS Sockets on Windows?

I need make a c++ TLS socket server running on Windows XP, and a c# TLS socket client on Windows 7.
The reason of using Schannel TLS is that it is FIPS 140-2 validated.
But it is not easy to find some sample code of Schannel.
By search, I found two c++ TLS samples, but the samples use the secur32.dll, some APIs seem are FIPS non-approved.
codeproject SSL/TLS client/server for .NET and SSL tunnelling
http://www.coastrd.com/c-schannel-smtp C++ SSPI Schannel TLS example
According to 140sp1000.pdf (Microsoft Windows Vista Kernel Mode Security Support Provider Interface (ksecdd.sys) Security Policy Document), following APIs are FIPS non-approved APIs.
InitializeSecurityContextW
ImpersonateSecurityContext
EncryptMessage
DecryptMessage
I am quite confused about two things:
One is that the FIPS non-approved APIs of ksecdd.sys also are also non-approved in secur32.dll?
Another question is what's the correct way of using Schannel. Are the samples using Schannel in the correct way, must the APIs InitializeSecurityContextW/EncryptMessage be used?
I want some sample code about how to use Schannel in native c++ and managed c#.

I'm not sure what information you are referring to that indicates InitializeSecurityContext() and EncryptMessage() are not FIPS compliant. InitializeSecurityContext() is required API on the client side. EncryptMessage() is the required API to
encrypt data. Both APIs are important APIs in SSPI.
In .NET, you would use the SSLStream Class, https://msdn.microsoft.com/en-us/library/system.net.security.sslstream(v=vs.110).aspx .
MSDN has sample code for both the client and server.
There used to be an SSPI client + server sample (WebClient & WebServer) on the Windows SDK. I don't know if it is still there. If you can't find them, please let me know.
thanks
Frank K [MSFT]
Follow us on Twitter, www.twitter.com/WindowsSDK.

How to use FTPS using FTP adapter

I am trying to create one BPEL process using SOA 11g 11.1.1.4, which will put file on remote location using ftp adapter. I have created JNDI properly and using wallet.
useFtps= True
walletLocation= correct path of wallet created in Oracle HTTP Server(OHS)
walletPassword = walletPassword
host = ipaddress
username = myUsername
password = myPassword
For all this I have followed http://download.oracle.com/docs/cd/E17904_01/integration.1111/e10231/adptr_file.htm#BABEBGGD
Now, whenever I try to test that BPEL process it gives me error:
"Exception occured during invocation of JCA binding: "JCA Binding execute of Reference operation 'Put' failed due to: Error in establishing SSL session. Error in establishing SSL session. Unable to establish SSL session on control channel. Reply String: 530 Please login with USER and PASS. Reply Code: 530) Please correct the setup for SSL. ". The invoked JCA adapter raised a resource exception. Please examine the above error message carefully to determine a resolution"
Any suggestion or resolutions are welcome.
Thanks!!
Regards
Yogesh

Hi,
When you configure the Connection Factory for FTP Adapter in Admin Console, provide the following values for the attributes like the hostname, username, password, port and the path of remote location as where
you want to write the file in remote Server i.e., ftpAbsolutePathBegin. Please fill this
attribute with the path like /soa/ftp/file (example path). If you are writing to a remote FTP server you need to create a Connection factory for that as above.
Please try this and let me know...
Thanks,
N

How to use wait/nofity in socket server

Dear all
that is one of sample code from a book which's use mutil connection with socket program , but i if it is possible to use wait and nofity to controle client activety by wait and notify in this sample code ?
some idea hope someone give me a help please
import java.net.*;
import java.io.*;
* Threaded Echo Server, pre-allocation scheme.
* Each Thread waits in its accept() call for a connection; this synchronizes
* on the serversocket when calling its accept() method.
* @author Ian F. Darwin.
public class EchoServerThreaded2 {
     public static final int ECHOPORT = 7;
     public static final int NUM_THREADS = 4;
     /** Main method, to start the servers. */
     public static void main(String[] av)
          new EchoServerThreaded2(ECHOPORT, NUM_THREADS);
     /** Constructor */
     public EchoServerThreaded2(int port, int numThreads)
          ServerSocket servSock;
          Socket clientSocket;
          try {
               servSock = new ServerSocket(ECHOPORT);
          } catch(IOException e) {
               /* Crash the server if IO fails. Something bad has happened */
               System.err.println("Could not create ServerSocket " + e);
               System.exit(1);
               return;     /*NOTREACHED*/
          // Create a series of threads and start them.
          for (int i=0; i<numThreads; i++) {
               new Thread(new Handler(servSock, i)).start();
     /** A Thread subclass to handle one client conversation. */
     class Handler extends Thread {
          ServerSocket servSock;
          int threadNumber;
          /** Construct a Handler. */
          Handler(ServerSocket s, int i) {
               super();
               servSock = s;
               threadNumber = i;
               setName("Thread " + threadNumber);
          public void run()
               /* Wait for a connection. Synchronized on the ServerSocket
                * while calling its accept() method. */
               while (true){
                    try {
                         System.out.println( getName() + " waiting");
                         Socket clientSocket;
                         // Wait here for the next connection.
                         synchronized(servSock) {
                              clientSocket = servSock.accept();
                         System.out.println(getName() + " starting, IP=" +
                              clientSocket.getInetAddress());
                         DataInputStream is = new DataInputStream(
                              clientSocket.getInputStream());
                         PrintStream os = new PrintStream(
                              clientSocket.getOutputStream(), true);
                         String line;
                         while ((line = is.readLine()) != null) {
                              os.print(line + "\r\n");
                              os.flush();
                         System.out.println(getName() + " ENDED ");
                         clientSocket.close();
                    } catch (IOException ex) {
                         System.out.println(getName() + ": IO Error on socket " + ex);
                         return;
}if i add end of my code like this and then the error message indicat that
java.lang.IllegalMonitorStateException: current thread not owner
try{
                    clientSocket.wait();
             }catch(InterruptedException e){
                                          clientSocket.close();
                                          clientSocket.notify();
                                        }

Why? Closing the socket will cause the client to return from reading the socket with a null or zero or EOFException. You don't need anything else.
In any case notifying the clientSocket will only wakeup threads in the current JVM that are waiting on it. This mechanism isn't magic, and it can't wake up another JVM.

How to use FTP with Time Capsule Gen4

I am having difficulty setting up FTP with my Time Capsule. This is the first time I have attempted using FTP on the Time Casule and have read through some documentation and believe I have it set up correctly but could be wrong. I am using FileZilla and tried to connect but the connection fails therefore my post for assistance.
If someone could provide me the basics or links for installation/testing and etc.. I would very much appreciate it. At this point I feel I just need to start over.
Thanks,
John

Port forwarding for FTP is rather more complex than it first seems..
Ports that need to be open depend on type of FTP.. ie active or passive.
Read the discussion of ftp through NAT.
http://slacksite.com/other/ftp.html
Make sure the firewall on the computer that is running ftp is off.
And I guess in the end.. if you have a different router give that a go.. it can help identify where the problem is.
If you are using v6 airport utility.. opening ports is not at all easy either.. definitely recommend you install 5.6 utility.
If you are still on lion just install it.. http://support.apple.com/kb/DL1482
If you are on ML tell us as there are ways and means.

SOLVED: How To Use LDAP over SSL (no certs) from java program

Trying to connect to OID from Java program (using Grocery Store demo as a test). Want to use SSL with no server certificate. OID is configured, and ldapsearch -U 1 works.
Tried using URL with ldaps, or adding SECURITY_PROTOCOL,"ssl". In both case the error is 'simple bind failed'.
Samples on OTN say this should be possible, but then only have code for the non-ssl connection.
Posting from others with this same question don't seem to have been answered.
Message was edited by:
user590350
I have found that using ConnectionUtil.getSSLDirCtx() from Oracle will make a no-authentication SSL connection. An example in the sample code would be useful.

Even with Java APIs, There is a way to talk through SSL without bothering about certificates. It's just that you will have to write some code and make some changes in settings.
Read following to get further information on the same.
http://kiranthakkar.blogspot.com/2007/04/dummny-certificate-authentication.html
I don't know or I won't comment whether it's the right approach or not but it's definitely a work around.
Thanking You
Kiran Thakkar

How to use FTP binding transfer?

Hi
I tried to make a BPEL process with File BC and FTP BC(transport)
But though files are stored in a archived folder and named sample_%d.txt"%u"_processed, there are no files in the folder of the FTP server.
I want to upload files into the ftp://localhost/upload. I read the wiki document and thought that it is not suitable to use FTPBindingMessage, then FTP binding type is transfer type.
Someone could point out ? what is the wrong.
<?xml version="1.0" encoding="UTF-8"?>
<definitions name="feedFiles" targetNamespace="http://j2ee.netbeans.org/wsdl/feedFiles"
    xmlns="http://schemas.xmlsoap.org/wsdl/"
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://j2ee.netbeans.org/wsdl/feedFiles" xmlns:plnk="http://docs.oasis-open.org/wsbpel/2.0/plnktype" xmlns:file="http://schemas.sun.com/jbi/wsdl-extensions/file/">
    <types/>
    <message name="feedFilesOperationRequest">
        <part name="part1" type="xsd:string"/>
    </message>
    <portType name="feedFilesPortType">
        <operation name="feedFilesOperation">
            <input name="input1" message="tns:feedFilesOperationRequest"/>
        </operation>
    </portType>
    <binding name="feedFilesBinding" type="tns:feedFilesPortType">
        <file:binding/>
        <operation name="feedFilesOperation">
            <file:operation/>
            <input name="input1">
                <file:message use="literal" fileName="sample_%d.txt" pollingInterval="1000" fileNameIsPattern="true" fileType="text"/>
            </input>
        </operation>
    </binding>
    <service name="feedFilesService">
        <port name="feedFilesPort" binding="tns:feedFilesBinding">
            <file:address fileDirectory="C:\Temp\FTP" lockName="filebc.lck" workArea="filebc_tmp" seqName="filebc.seq"/>
        </port>
    </service>
    <plnk:partnerLinkType name="feedFiles">
        
        <plnk:role name="feedFilesPortTypeRole" portType="tns:feedFilesPortType"/>
    </plnk:partnerLinkType>
</definitions>And
<?xml version="1.0" encoding="UTF-8"?>
<definitions name="uploadFiles" targetNamespace="http://j2ee.netbeans.org/wsdl/uploadFiles"
    xmlns="http://schemas.xmlsoap.org/wsdl/"
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://j2ee.netbeans.org/wsdl/uploadFiles" xmlns:plnk="http://docs.oasis-open.org/wsbpel/2.0/plnktype" xmlns:ftp="http://schemas.sun.com/jbi/wsdl-extensions/ftp/">
    <types/>
    <message name="uploadFilesOperationRequest">
        <part name="part1" type="xsd:string"/>
    </message>
    <portType name="uploadFilesPortType">
        <operation name="uploadFilesOperation">
            <input name="input1" message="tns:uploadFilesOperationRequest"/>
        </operation>
    </portType>
    <binding name="uploadFilesBinding" type="tns:uploadFilesPortType">
        <ftp:binding/>
        <operation name="uploadFilesOperation">
            <ftp:operation/>
            <input name="input1">
                <ftp:transfer sendTo="upload/out_%u.txt" sendToHasPatterns="true" append="false" receiveFrom="" receiveFromHasRegexs="false" pollIntervalMillis="5000" preSendCommand="NONE" preSendLocation="" preSendLocationHasPatterns="false" preReceiveCommand="NONE" preReceiveLocation="" preReceiveLocationHasPatterns="false" postSendCommand="NONE" postSendLocation="" postSendLocationHasPatterns="false" postReceiveCommand="NONE" postReceiveLocation="" postReceiveLocationHasPatterns="false" senderUsePassive="true" receiverUsePassive="true" use="literal" encodingStyle="" messageCorrelate="false"/>
            </input>
        </operation>
    </binding>
    <service name="uploadFilesService">
        <port name="uploadFilesPort" binding="tns:uploadFilesBinding">
            <ftp:address url="ftp://anonymous:@localhost:21" dirListStyle="UNIX" useUserDefinedHeuristics="false" userDefDirListStyle="" userDefDirListHeuristics="" mode="BINARY" cmdChannelTimeout="45000" dataChannelTimeout="45000"/>
        </port>
    </service>
    <plnk:partnerLinkType name="uploadFiles">
        
        <plnk:role name="uploadFilesPortTypeRole" portType="tns:uploadFilesPortType"/>
    </plnk:partnerLinkType>
</definitions>BPRL file is:
<?xml version="1.0" encoding="UTF-8"?>
<process
    name="fileTranceferProcess"
    targetNamespace="http://enterprise.netbeans.org/bpel/MessageDownload/fileTranceferProcess"
    xmlns="http://docs.oasis-open.org/wsbpel/2.0/process/executable"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:tns="http://enterprise.netbeans.org/bpel/MessageDownload/fileTranceferProcess" xmlns:sxt="http://www.sun.com/wsbpel/2.0/process/executable/SUNExtension/Trace" xmlns:sxed="http://www.sun.com/wsbpel/2.0/process/executable/SUNExtension/Editor">
    <import namespace="http://j2ee.netbeans.org/wsdl/feedFiles" location="feedFiles.wsdl" importType="http://schemas.xmlsoap.org/wsdl/"/>
    <import namespace="http://j2ee.netbeans.org/wsdl/uploadFiles" location="uploadFiles.wsdl" importType="http://schemas.xmlsoap.org/wsdl/"/>
    <partnerLinks>
        <partnerLink name="PartnerLink2" xmlns:tns="http://j2ee.netbeans.org/wsdl/uploadFiles" partnerLinkType="tns:uploadFiles" partnerRole="uploadFilesPortTypeRole"/>
        <partnerLink name="PartnerLink1" xmlns:tns="http://j2ee.netbeans.org/wsdl/feedFiles" partnerLinkType="tns:feedFiles" myRole="feedFilesPortTypeRole"/>
    </partnerLinks>
    <variables>
        <variable name="UploadFilesOperationIn" xmlns:tns="http://j2ee.netbeans.org/wsdl/uploadFiles" messageType="tns:uploadFilesOperationRequest"/>
        <variable name="FeedFilesOperationIn" xmlns:tns="http://j2ee.netbeans.org/wsdl/feedFiles" messageType="tns:feedFilesOperationRequest"/>
    </variables>
    <sequence>
        <receive name="Receive1" createInstance="yes" partnerLink="PartnerLink1" operation="feedFilesOperation" xmlns:tns="http://j2ee.netbeans.org/wsdl/feedFiles" portType="tns:feedFilesPortType" variable="FeedFilesOperationIn"/>
        <assign name="Assign1">
            <copy>
                <from variable="FeedFilesOperationIn" part="part1"/>
                <to variable="UploadFilesOperationIn" part="part1"/>
            </copy>
        </assign>
        <invoke name="Invoke1" partnerLink="PartnerLink2" operation="uploadFilesOperation" xmlns:tns="http://j2ee.netbeans.org/wsdl/uploadFiles" portType="tns:uploadFilesPortType" inputVariable="UploadFilesOperationIn"/>
    </sequence>
</process>Application server: glassfish-v2-ur2-b04-patch-20080505
Product Version: NetBeans IDE 6.1 (Build 200804211638)
Java: 1.5.0_12; Java HotSpot(TM) Client VM 1.5.0_12-b04
System: Windows Vista version 6.0 running on x86; MS932; ja_JP (nb)
FTP BC Build Number:080611
File BC Build Number:080505
Toru Tomita

Toru, you might want to post your question on the open-esb mailing list as it is specific to OpenESB and there are more developers on that mailing list than this one. See http://open-esb.dev.java.net .

Applet(using SSL sockets) application in browser

hello everyone,
I am new to this forum, and this is my first forum in this site, please help me,
My problem is,
I have done an applet application which uses the SSL sockets, and it is working fine if i use the appletviewer tool, with the arguments of policy and URL, when i run this command "appletviewer -J-Djava.security.policy=mypolicy.policy URL of my html page" in the command mode its working fine.
I have wrote HTML file for running the applet, and when i used it in the browser i was not able to get output , i was getting the error "NoTrustedCertificates found", i have setted the properties of truststore and password in the program itself like,
System.setProperty("javax.net.ssl.trustStore", System.getProperty("java.home")+"cert");
System.setProperty("javax.net.ssl.trustStorePassword", "pwd");
and i also used the policy tool. I have stored my certificate along with the jar file, and i was getting this error
can anyone please help me, or suggest me the right way to reach my target.
Thanx in advance

Hai,
I have made my client applet running from the remote system, and the client was establishing SSL sockets, and there is a problem in Handshake, NO TRUSTED CERTIFICATE found was the error, and i had loaded the certificates ( one is used for signing the certificate, and the other is used for the SSL sockets authentication ) in my applet client code i have setted the system properties like
System.setProperty("javax.net.ssl.trustStore", System.getProperty("java.home")+"\\lib\\security\\cert");
System.setProperty("javax.net.ssl.trustStorePassword", "pwd");
and this is the certificate which is used for SSL sockets authentication, and i stored the cert in the "jre\lib\security\" directory, and im using the jdk1.4.2_05 version.
At the client side the error is
Network Error: sun.security.validator.ValidatorException: No trusted certificate found.
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.OutputStream.write(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: sun.security.validator.ValidatorException: No trusted certificate found
at sun.security.validator.SimpleValidator.buildTrustedChain(Unknown Source)
at sun.security.validator.SimpleValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
At the server side the error is
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.b(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
at com.ClientNeg.run(ClientNeg.java:76)
at java.lang.Thread.run(Unknown Source)
i was not able to understand what went wrong , so any one please help me in doing my work.
Thanx
dwurity

How to use SquirrelMail and Require SSL for IMAP Service?

Hello,
Mac OS X Server v.10.4.9 – Open Directory Master
Providing POP, IMAP, SMTP, web services including webmail via SquirrelMail.
PHP v.4.4.4 Nov. 1, 2006
OpenSSL v.0.9.7l Sept. 2006
I need to require SSL for IMAP access, however, I also need to provide webmail access. SquirrelMail does support TSL it seems and that can be configured from /etc/squirrelmail/config/conf.pl and is discussed briefly here: http://www.squirrelmail.org/wiki/SquirrelMailIMAPS .
When I turn on TSL on SquirrelMail and change the IMAP port number to 993 attempting to log into SquirrelMail provides the following error:
Bad request: IMAP server does not appear to support the authentication method selected. Please contact your system administrator.
According to the above noted page from the SquirrelMail site one needs PHP 4.3 and SSLv3 in order for TSL to work, one must also connect to the IMAP server over port 993. Requirements I appear to meet.
So – how can one require the use of SSL for IMAP and still provide webmail access via SquirrelMail?
I have reviewed these three threads:
http://discussions.apple.com/thread.jspa?threadID=912841&tstart=75
http://discussions.apple.com/thread.jspa?messageID=1457773&#1457773
http://discussions.apple.com/thread.jspa?messageID=3921004&#3921004
However they do not answer the fundamental question of how to use SquirrelMail with SSL required by IMAP. Essentially the conversation revolves around working around the SSL requirement or forgoing it.
Thank you for any assistance.

David,
Yet from time to time these same users are in a
circumstance where they need to use webmail, thus
SquirrelMail needs to work. I am not trying to
secure webmail by requiring SSL.
I see, your problem. In this particular case there is a workaround.
Use different ports for postfix and cyrus limited to localhost, thus catering only to SquirrelMail, thus not needing TLS.
Roughly do this (this is just off the top of my head, may contain errors):
For SMTP / Postfix:
Edit /etc/postfix/master.cf
and add:
465 inet n - n - - smtpd
-o smtpdrecipientrestrictions= permit_mynetworks,reject
-o mynetworks=127.0.0.1/32
-o smtpdenforcetls=no
# This will create a port 465 (if you use this alreay pick another one. choose the number wisely, depending ony what is in use on your server)
# This port is only accessible to IP number in "mynetworks"
For IMAP / Cyrus
Edit /etc/cyrus.conf and add (below imap):
imaplocal cmd="imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imap" prefork=0
Next duplicate /etc/imapd.conf and name it imapd-local.conf
Edit /etc/imapd-local.conf
Change
tlsserveroptions: require
to
tlsserveroptions: use
Next edit:
/etc/services
and create a port called "imaplocal"
(you could probably recycle 585 wich is deprecated, check what is in the services file, make sure no duplicate port numbers).
should look something like:
imaplocal 585/udp
imaplocal 585/tcp
When done with all config files:
Save & restart mail services
Point SquirrelMail to the new ports wich should only be accessible to localhost (check with an external client if it holds
Sorry for the "draft style" post, but I don't have much time.
Just ask, if anything isn't clear.
HTH,
Alex

How to use File Transfer Protocol in Java?

hi all,
im new to java. i dont know how to use FTP in java. but i want to transfer files from my machine to another machine and also i want to download files from that machine through FTP. how can i start this program. pls any one give me the code for this program. thanks in advance.

Of course you didn't get an "exact result", since that link was to an article which reviewed several products. If you aren't capable of making a decision based on that article, try using the Apache Commons/Net FTP component.

FTP w/SSL ?

Hello All,
My client need to send and receive the data from Bank systems thorugh FTP over SSH, but they are not ready to buy any third party adapter or any tool to use FTP over SSH as PI doent support FTPS.so i used shell script to send and receive data, but bank is not happy with shell script.
Now client is implementing Proxy server and PI need to send or receive the data using FTP w/ SSL through Proxy server which will be very secure connection for bank details.
to do this scenario , just we need to know the FTP details like:
1)     FTP server IP address
2)     Port
3)     File path and File name
4)     If client is providing the certificate then as my earlier mail we need to install or deploy the certificate.
5)     Login ID and Password for FTP server.
Other then this do we need any other details......... Please let me know as they are using secure proxy server connetion.
Thanks and regards,
Chinna

Hi,
>>FTP over SSH as PI doent support FTPS
PI support FTPS . It si SFTP that PI doent support
>>Now client is implementing Proxy server and PI need to send or receive the data using FTP w/ SSL through Proxy server which will be very secure connection for bank details.
Is it like XI> Proxy server> Bank, and from XI to Proxy server you have FTP connection? and you wan this connectivity to be secure? You question was not clear enough.
As i understood you shoudl have a FTP server in the Proxymachine and PI's FTP adapter will access it through FTP mode. So all these details (FTP server IP address, Port, File path and File name,etc ) will be of the FTP server (which is in the Proxy box)
Regards
Suraj

How to use a key file in the FTP Task using and SSL connection

In the past I have used this code to set the FTP pass word in an FTP component task in SSIS.
Does anyone know how to use a Key file in an SSL connection to download a file from an FTP site? If not can you tell me where I can get the C# code examples to learn how to create a script task or if there is another way in SSIS to download large files
from an SSL FTP site? Thank you for any help offered.
public void Main()
ConnectionManager FTPConn;
FTPConn = Dts.Connections["FTPServer"];
FTPConn.Properties["ServerPassword"].SetValue(FTPConn, Dts.Variables["FTPPassword"].Value);
Dts.TaskResult = (int)ScriptResults.Success;
Antonio

You can use SFTP for this.
This is a way of implementing SFTP in SSIS using standard tasks
http://visakhm.blogspot.in/2012/12/implementing-dynamic-secure-ftp-process.html
also see
http://blog.goanywheremft.com/2011/10/20/sftp-ftps-secure-ftp-transfers/
Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs

SSL: how to use Multiple Private key/Certificate pair for authentication.

Hi all,
i am implementing SSL in java using X509 Certificate/private key combination.
i have two set of private key/certificate pair.
one is factory default and another is generated at run time.
my problem is to try ssl connection with both pairs on same tcp/ip connection.
e.g. on server side: first try ssl connection with factory default certificate, if it fails try connecting with generated certificate on same tcp/ip connection.
on client side: if generated certificate(this certificate was generated at server side) is present first perform server authentication using this certificate otherwise authenticate server with factory default certificate.
can someone please help and let me know how do i need to configure both ends(client and server) for achieving the same.
Thanks In Advance
Saurabh Ahuja

Client code does not contain any default truststore and needs a certificate for authentication.Of course it does. OpenSSL has a way of doing that: some kind of equivalent for the truststore. None of the stuff you've posted here about generating certificates at runtime has any bearing on that problem.
It's like this. The idea of PKI with SSL is as follows:
- the server has a private key and a signed certificate. Preferably it's signed by a CA that the client already trusts, otherwise if it's self-signed it has to be exported from the server's keystore and imported into the truststores of all the clients.
- the client has a truststore that trusts the server, one way or the other, see above.
- the server's private key is private to it. Nobody else has it. Nobody else can ever get it. If it ever leaks, the server is compromised, and server authentication via that private key now means absolutely nothing. You have lost security.
- the server sends its cert to the client along with a digital signature signed by its private key.
- the client (a) decides whether it trusts the cert, via its truststore, and (b) verifies the digital signature, which establishes that the server owns the certificate.
At this point the server is authenticated to the client and the SSL connection is open. It can now be used as an ordinary socket connection.
If you want client authentication too, you need all the above in reverse as well, i.e. reading server for client and client for server throughout. Note particularly that each client must have its own private key. Otherwise the private key isn't private, so signing something with it doesn't establish ownership, so client authentication isn't valid.
You need to understand all this stuff and relate it to the apparently broken security design of your application. Generating a private key and a certificate at runtime is complete nonsense within the context of PKI and SSL. It proves nothing, establishes nothing, authenticates nothing; it just wastes time.

How to use FTPs in SSL Sockets?

Similar Messages

Maybe you are looking for