0

我正在尝试将文件上传到 FTP 服务器 (FTPS)。运行以下代码会产生异常:

根据验证程序,远程证书无效。

编码:

static void Main(string[] args)
{
    FTPFactory ftp = new FTPFactory();

    ftp.setDebug(true);
    ftp.setRemoteHost("ftps.host");
    //Connect to SSL Port (5920)
    ftp.setRemotePort(5920);
    ftp.loginWithoutUser();

    string cmd = "AUTH SSL";
    ftp.sendCommand(cmd);

    //Create SSL Stream
        ftp.getSslStream();
        ftp.setUseStream(true);
    //Login  FTP Secure
    //     ftp.setRemoteUser(Settings.Default.TargetFtpSecureUser);
    ftp.setRemoteUser("user");
    //  ftp.setRemotePass(Settings.Default.TargetFtpSecurePass);
    ftp.setRemotePass("pass");
    ftp.login();

    //Set ASCII Mode
    ftp.setBinaryMode(false);


    //Upload file

    // Send Argument if you want
    // cmd = "site arg1 arg2";
    // ftp.sendCommand(cmd);

    ftp.upload("", false);
    ftp.uploadSecure(@"Filepath", false);

    ftp.close();
}
catch (Exception e)
{
    Console.WriteLine("Caught Error :" + e.Message);
}
}

这是 FTPFactory 类:

using System;
using System.Net.Sockets;

namespace FTP_DLL
{
    public class FTPFactory
    {
        public FTPFactory();

        public void chdir(string dirName);
        public void close();
        public Socket createDataSocket();
        public void deleteRemoteFile(string fileName);
        public void download(string remFileName);
        public void download(string remFileName, bool resume);
        public void download(string remFileName, string locFileName);
        public void download(string remFileName, string locFileName, bool resume);
        public string[] getFileList(string mask);
        public long getFileSize(string fileName);
        public string getRemoteHost();
        public string getRemotePath();
        public int getRemotePort();
        public void getSslStream();
        public void getSslStream(Socket Csocket);
        public void login();
        public void loginWithoutUser();
        public void mkdir(string dirName);
        public void renameRemoteFile(string oldFileName, string newFileName);
        public void rmdir(string dirName);
        public void sendCommand(string command);
        public void setBinaryMode(bool mode);
        public void setDebug(bool debug);
        public void setRemoteHost(string remoteHost);
        public void setRemotePass(string remotePass);
        public void setRemotePath(string remotePath);
        public void setRemotePort(int remotePort);
        public void setRemoteUser(string remoteUser);
        public void setUseStream(bool value);
        public void upload(string fileName, bool resume);
        public void uploadSecure(string fileName, bool resume);
    }
}
4

2 回答 2

0

我建议看看这篇文章

听起来,问题在于 FTP 服务器正在查看您的应用程序的证书,而不是接受它。正如他们在文章中解释的那样,有一些插件允许您为您的应用程序获取/制作符合您的 FTP 服务器的证书。

于 2014-04-30T17:40:52.373 回答
0

我没有看到任何表明这是客户端证书问题的信息。您确定服务器上的证书与您使用的 DNS 名称或 IP 地址匹配且未过期吗?

我不熟悉您使用的 FTPFactory 类。您应该包含一个指向该网站的链接。

但是,如果用于执行 SSL 连接的基础类是 .NET Framework 的一部分,您可以通过设置ServicePointManager.ServerCertificateValidationCallback为如下所示的委托来更改证书验证行为。其他库也可能具有覆盖证书验证行为的机制。

虽然这对于测试来说很好,但我不建议在生产代码中绕过证书验证。服务器提供的证书应该是固定的。

    public static bool ServicePointManager_ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        bool allowCertificate = true;

        if (sslPolicyErrors != SslPolicyErrors.None)
        {
            Console.WriteLine("Accepting the certificate with errors:");
            if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateNameMismatch) == SslPolicyErrors.RemoteCertificateNameMismatch)
            {
                Console.WriteLine("\tThe certificate subject {0} does not match.", certificate.Subject);
            }

            if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateChainErrors) == SslPolicyErrors.RemoteCertificateChainErrors)
            {
                Console.WriteLine("\tThe certificate chain has the following errors:");
                foreach (X509ChainStatus chainStatus in chain.ChainStatus)
                {
                    Console.WriteLine("\t\t{0}", chainStatus.StatusInformation);

                    if (chainStatus.Status == X509ChainStatusFlags.Revoked)
                    {
                        allowCertificate = false;
                    }
                }
            }

            if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateNotAvailable) == SslPolicyErrors.RemoteCertificateNotAvailable)
            {
                Console.WriteLine("No certificate available.");
                allowCertificate = false;
            }

            Console.WriteLine();
        }

        return allowCertificate;
    }
于 2016-01-19T17:07:15.717 回答