An exception occured in certificate verifier for SSL Mode Implicit

0 votes
asked Apr 18, 2013 by Teo (120 points)
edited Apr 22, 2013

Hello,

My code is:

Ftp ftp = new Ftp();
ftp.Connect(host, 990, SslMode.Implicit);
ftp.Login(user, password);

I use the 4.0 library. I get the following exception when I try to connect:

"An exception occured in certificate verifier."
   at gbMKS.QsaHcZ.1GG6Jr(String , CertificateChain )
   at gbMKS.QsaHcZ.RYVUe(Byte[] , Int32 , Int32 , 1RjReZZ )
   at gbMKS.QsaHcZ.OnHandshakeReceived(Byte[] buffer, Int32 offset, Int32 count)
   at gbMKS.1UaphuZ.2YjOc(Byte[] , Int32 , Int32 )
   at gbMKS.1UaphuZ.1rsOcLZ()
Inner Exception:
"Object reference not set to an instance of an object."
   at Rebex.Security.Certificates.CertificateChain.17JPqSZ(String , String )
   at Rebex.Security.Certificates.CertificateChain.T2SEsZ(CertificateChainEngine , Certificate , CertificateStore , String , ValidationOptions )
   at Rebex.Security.Certificates.CertificateChain.Validate(String serverName, ValidationOptions options, CertificateChainEngine engine)
   at Rebex.Security.Certificates.CertificateChain.Validate(String serverName, ValidationOptions options)
   at Rebex.Net.CertificateVerifier.1nrbFGZ.Verify(TlsSocket socket, String commonName, CertificateChain certificateChain)
   at gbMKS.1xpVSY.Verify(TlsSocket socket, String commonName, CertificateChain certificateChain)
   at gbMKS.QsaHcZ.1GG6Jr(String , CertificateChain )

Do you know what I'm doing wrong? Thanks

Applies to: Rebex FTP/SSL
commented Apr 18, 2013 by Lukas Pokorny (102,050 points)
edited Apr 18, 2013

This looks like a bug in the certificate validation routine, possibly related to something unusual in the certificate structure. We will fix it and let you know. Thanks for reporting this!

commented Apr 18, 2013 by Lukas Pokorny (102,050 points)
edited Apr 18, 2013

In the meantime, you can work around this issue using a custom certificate verifier - see http://www.rebex.net/support/tutorial/ftp-ssl/default.aspx#validating-and-examining-server-certificates for more information.

commented Apr 19, 2013 by Frantisek Bosek (1,420 points)
edited Apr 22, 2013

I have sent the link to our hotfix release to your e-mail.

1 Answer

0 votes
answered Apr 22, 2013 by Lukas Pokorny (102,050 points)
edited Apr 22, 2013

It looks like the problem was caused by a bug in a certificate's common name checking routine. Please try the hotfix Frantisek sent you and let me know whether it solves the issue. It is possible that a different exception will be thrown instead, containing a more meaningful error message - please let me know in this case as well. Thanks!

...