1.2k questions

1.4k answers

361 comments

339 users

Categories

Sidebar
0 votes
834 views
by brandon-w-8204 (34.1k points)
edited by brandon-w-8204
I get an error "234 AUTH command OK. Initializing SSL connection. java.security.cert.CertificateExpiredException: NotAfter:" error when I try to connect to a FTPS site that has an expired Certificate. However I can use other FTP applications and it will connect.

1 Answer

0 votes

QIE can accept an expired certificate if it is in a Java truststore and specified on the FTP connection.

1. Download the FTPS certifcate

Us FireFTP add-on for FireFox which enables FTPS protocol and stores certificate in FireFox default store. Install add-on and just type in address bar ftps://your.site and connect. Then export the certificate from tools->options->advanced->encryption->vew certs.

OpenSSL has a command line you can use to get the certificate

openssl s_client -showcerts -connect ftp.site.com:990

2. Create a Java truststore

1. Import the .cer file into qie under the certificates.
2. Export the certificate as a Java Key Store and set a password.
3. Save the .jks file in a location that QIE can access on the qie server. Example: C:\programdata\qie\SSL

3. Add the Custom Camel Parameter.

ftpClient.trustStore.file = C:\programdata\qie\SSL\javatruststore.jks
ftpClient.trustStore.type = JKS
ftpClient.trustStore.algorithm = SunX509
ftpClient.trustStore.password = jksPassword

by brandon-w-8204 (34.1k points)
edited by brandon-w-8204
...