Unable to connect to secure ftp server.

0 votes
asked Apr 9 by yehuda (120 points)

When trying
ftp.Connect(hostName, port, SslMode.Explicit);
I am getting error: TlsException: Fatal error 'HandshakeFailure' has been reported by the remote connection end.

Here's the log
2020-04-09 16:13:23.858 INFO Ftp(1)[12] Response: 234 Proceed with negotiation.
2020-04-09 16:13:23.859 DEBUG Ftp(1)[12] Info: Upgrading control connection to TLS.
2020-04-09 16:13:23.923 DEBUG Ftp(1)[12] TLS: Using classic TLS core.
2020-04-09 16:13:23.944 DEBUG Ftp(1)[12] TLS: Enabled cipher suites: 0x000FFDF7FFE0E640.
2020-04-09 16:13:23.967 DEBUG Ftp(1)[12] TLS: Applicable cipher suites: 0x000FFDF7FFE0E640.
2020-04-09 16:13:23.975 DEBUG Ftp(1)[12] TLS: HandshakeMessage:ClientHello was sent.
2020-04-09 16:13:24.057 INFO Ftp(1)[12] TLS: Alert Alert:Alert was received.
2020-04-09 16:13:24.074 DEBUG Ftp(1)[12] TLS: Error while processing TLS packet: Rebex.Net.TlsException: Fatal error 'HandshakeFailure' has been reported by the remote connection end.
at pvhj.rhew(Byte[] fgw, Int32 fgx, Int32 fgy)
at pvhg.cskb(Byte[] bdi, Int32 bdj, Int32 bdk)
at pvhg.cskf()
2020-04-09 16:13:24.077 DEBUG Ftp(1)[12] TLS: Closing TLS socket.
2020-04-09 16:13:24.080 ERROR Ftp(1)[12] Info: Rebex.Net.TlsException: Fatal error 'HandshakeFailure' has been reported by the remote connection end. ---> Rebex.Net.TlsException: Fatal error 'HandshakeFailure' has been reported by the remote connection end. ---> Rebex.Net.TlsException: Fatal error 'HandshakeFailure' has been reported by the remote connection end.
at pvhj.rhew(Byte[] fgw, Int32 fgx, Int32 fgy)
at pvhg.cskb(Byte[] bdi, Int32 bdj, Int32 bdk)
at pvhg.cskf()
--- End of inner exception stack trace ---
at pvhg.cskf()
at pvhg.cskm()
at pvhd.qhtq()
at Rebex.Net.TlsSocket.tfpw()
at Rebex.Net.TlsSocket.Negotiate()
at gjon.gjmn(TlsParameters acu)
at Rebex.Net.Ftp.jhav(TlsParameters fj, FtpSecureUpgradeType fk)
at Rebex.Net.Ftp.jham(String fa, Int32 fb, TlsParameters fc, SslMode fd, FtpSecureUpgradeType fe)
--- End of inner exception stack trace ---
at Rebex.Net.Ftp.jham(String fa, Int32 fb, TlsParameters fc, SslMode fd, FtpSecureUpgradeType fe)

1 Answer

0 votes
answered Apr 9 by Lukas Matyska (56,550 points)

The server closed the connection just after receiving the ClientHello. This typically means that the client and server have no common TLS cipher suites, TLS versions, or similar.

I can suggest you for now to enable all TLS cipher suites and all TLS versions. It can be done like this:

ftp.Settings.SslAllowedSuites = TlsCipherSuite.All;
ftp.Settings.SslAllowedVersions = TlsVersion.Any;

Alternatively try also:

ftp.Settings.SslAllowedVersions = TlsVersion.TLS13;

Does server log contains some information about connection closure?

Are you able to connect to the server using any third-party application?

commented Apr 10 by yehuda (120 points)
edited Apr 10 by yehuda
Eventually, I was able to get the info from the Server administrator.
Once Tls level and ciphers were coordinated, everything went well.
commented Apr 14 by Lukas Matyska (56,550 points)
Thank you for the info.
...