Page 1 of 1

"Received certificate chain could not be verified. Verification status is 1048576."

Posted: 2019-04-14 17:59
by riahc3
Im trying to connect via plain FTP to port 21 to a IIS FTP site and I get this error message

Received certificate chain could not be verified. Verification status is 1048576.

Why is it trying to connect via FTPS instead of FTP? And on top of that, how do I fix that error?

Re: "Received certificate chain could not be verified. Verification status is 1048576."

Posted: 2019-04-14 23:06
by boco
FileZilla always attempts to connect using FTP over TLS first. This is to ensure that any clueless user does not miss out on encryption if (s)he simply enters the server Hostname. Plain FTP is used if the server rejects the AUTH TLS and AUTH SSL commands. Badly configured servers are not supported and will fail.

Forcing plain FTP is only possible through the Site Manager (set Encryption to Plain (Insecure)).

Re: "Received certificate chain could not be verified. Verification status is 1048576."

Posted: 2019-04-15 06:52
by botg
The server has stapled invalid OCSP response to the handshake. Contact your server administrator or server hosting provider for assistance so that the server can be fixed.

Re: "Received certificate chain could not be verified. Verification status is 1048576."

Posted: 2019-04-15 18:36
by riahc3
botg wrote:
2019-04-15 06:52
The server has stapled invalid OCSP response to the handshake. Contact your server administrator or server hosting provider for assistance so that the server can be fixed.
I am server administrator.

This is odd.... It seems it cannot reach http://localhost/CertEnroll/MyCA.domain ... -we.CA.crt when I can indeed access it and read it.

Re: "Received certificate chain could not be verified. Verification status is 1048576."

Posted: 2019-04-15 19:02
by riahc3
I decided to remove that... http://localhost/ocsp was working so I just attach one location and thats it.

Re: "Received certificate chain could not be verified. Verification status is 1048576."

Posted: 2019-04-15 19:04
by riahc3
botg wrote:
2019-04-15 06:52
The server has stapled invalid OCSP response to the handshake. Contact your server administrator or server hosting provider for assistance so that the server can be fixed.
BTW, might want to fix that error message as it leads to false searching. The certificate chain is and was correct.