I am using the Filezilla client to try to connect to an FTP Server built on the Apache FtpServer project. Normal (non-SSL) access is working fine. However, when using FTPS (FTP-over-SSL), I keep getting the following exception on the server side:
Code: Select all
javax.net.ssl.SSLHandshakeException: SSL handshake failed.
at org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:495)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:46)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:796)
at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:426)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:715)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:668)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:657)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:68)
at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1141)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:724)
Caused by: javax.net.ssl.SSLHandshakeException: null cert chain
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1362)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:513)
at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1177)
at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1149)
at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:469)
at org.apache.mina.filter.ssl.SslHandler.handshake(SslHandler.java:575)
at org.apache.mina.filter.ssl.SslHandler.messageReceived(SslHandler.java:349)
at org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:476)
... 15 more
Caused by: javax.net.ssl.SSLHandshakeException: null cert chain
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1619)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:278)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:266)
at sun.security.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1631)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:176)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:808)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:806)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1299)
at org.apache.mina.filter.ssl.SslHandler.doTasks(SslHandler.java:767)
at org.apache.mina.filter.ssl.SslHandler.handshake(SslHandler.java:541)
Code: Select all
keytool -genkey -keyalg RSA -alias selfsigned -keystore <PATH>/config/localhost_selfsigned.jks -storepass <PASSW> -validity 360 -keysize 2048
I am wondering, if there is a way to find out what cipher suites FileZilla supports or expects? Or is this an OS level thing?
The following post recommends switching of client authentication. How do I do this in Filezilla?
Code: Select all
http://stackoverflow.com/questions/4421536/java-ssl-clientside-authentication-with-self-signed-certificates
Cheers,
Martin