Vasiliy 0 Posted March 19 (edited) An error occurred while connecting the client to the server. All *.pem files were recreated by ICS-OpenSSL. Teach me what I'm doing wrong? Edited March 20 by Vasiliy Share this post Link to post
Angus Robertson 574 Posted March 19 You are trying to connect to port 990 which is SSL only, but your client says 'sslTypeNone'. That server sample does not create any PEM files. You would be better using the latest V9.,1 release, and the OverbyteIcsSslMultiFtpServ and OverbyteIcsXferTst samples. Angus Share this post Link to post
Vasiliy 0 Posted March 20 Thank you for responding to my request. Following your advice, I’m trying to figure out OverbyteIcsSslMultiFtpServ. Help with the file OverbyteIcsSslMultiFtpServ.ini [Host1] Hosts=192.168.0.7 HostTag=FTP Descr=Simple FTP Server BindIpAddr=0.0.0.0 BindIpAddr2=:: BindNonPort=21 BindSslPort=990 AuthSslCmd=True AuthForceSsl=True HostEnabled=True SslCert=??? SslPassword=password SslInters=??? SslSecLevel=sslSrvSecInterFS Created a list of certificates using the IcsSslBuildCerts.bat file Client.pem ClientCert.pem ClientKey.pem ClientReq.pem Root.p12 Root.pem root.srl RootCert.pem RootKey.pem RootReq.pem Server.pem ServerCA.p12 ServerCA.pem ServerCA.srl ServerCAcert.pem ServerCAkey.pem ServerCAreq.pem ServerCert.pem ServerKey.pem ServerReq.pem Tell me which ones are needed (SslCert,SslInters) for work OverbyteIcsSslMultiFtpServ? Share this post Link to post
Angus Robertson 574 Posted March 20 Can you please first update ICS to V9.1, all those files and jobs were obsolete years ago and have been removed from the distribution. You will find documentation for IcsHosts at https://wiki.overbyte.eu/wiki/index.php/TWSocketServer.IcsHosts Angus Share this post Link to post
Vasiliy 0 Posted March 20 (edited) Sorry, it's me again. Different programs, same error. I just can’t figure out what and where I need to put it so that the client can finally connect to the server and authorization occurs. Edited March 20 by Vasiliy Share this post Link to post
Angus Robertson 574 Posted March 20 Back to my reply yesterday, you are still not requesting a secure connection, just from a different demo. Beware SSL connections to IP addresses will always give certificate errors, and won't connect unless you ignore those errors, as will happen since you've left the default Verify Certificate Mode. Your server should have a domain host name, that name should be set in DNS and the IcsHosts.Hosts setting and the SSL certificate should be for that host name, and the client connects to that host name, that is what SSL/TLS is all about. ICS V9.1 will create that certificate locally if it does not exist, although for the public internet it will order a certificate from Let's Encrypt. Can not tell if the server is running correctly, the client is connecting to non-SSL port 21, you have not shown the logging for the SSL certificates chain. You get that error message because you've left the IcsHosts setting AuthForceSsl=True so it refuses to connect without SSL, FTP is very insecure without SSL sending plain text passwords. Angus Share this post Link to post
![Delphi-PRAXiS [en]](https://en.delphipraxis.net/uploads/monthly_2018_12/logo.png.be76d93fcd709295cb24de51900e5888.png){kind=logo}
