drazde 0 Posted June 26, 2019 (edited) I have the 8.58 version of ICS. I must connet to a server with SSL protocol (sslTypeAuthTls); le connection works, but when I try to transfer a file I give this error: Error 425 Can't open data connection I'm not behind a firewall. If I try to send a file with FileZilla it works UPDATE: with sslTypeAuthTls I also connect, but I have the error 522 Thanks in advance Edited June 26, 2019 by drazde Share this post Link to post
Angus Robertson 574 Posted June 26, 2019 Make sure you are using passive mode, necessary for SSL. I transfer hundreds of files a day using SSL FTP between my office and hosted servers, ICS tools at both ends. Angus Share this post Link to post
drazde 0 Posted June 26, 2019 (edited) 1 hour ago, Angus Robertson said: Make sure you are using passive mode, necessary for SSL. I transfer hundreds of files a day using SSL FTP between my office and hosted servers, ICS tools at both ends. Angus Hi, I also use passive mode (and I also disable the windows firewall...) I use try also with the sample OverbyteIcsSslFtpTst and I do the following step 1. set host, password.... 2. set SSL Type (TLS or SSL) 3. connect (and works) 4. put a file.... and doesn't work, the server give me error 425, I find a file on the FTP but it is empty 😞 I try also doing Pbsz and Prot before put the file but without success Probably I missing something but I can't underestand what Edited June 26, 2019 by drazde Share this post Link to post
Angus Robertson 574 Posted June 26, 2019 Try using the new sample OverbyteIcsXferTst.dpr added in V8.60, it uses the new TIcsFtpMulti component that hides most of the FTP protocol from you, just allowing you to download or upload multiple files. Angus Share this post Link to post
drazde 0 Posted June 27, 2019 16 hours ago, Angus Robertson said: Try using the new sample OverbyteIcsXferTst.dpr added in V8.60, it uses the new TIcsFtpMulti component that hides most of the FTP protocol from you, just allowing you to download or upload multiple files. Angus OK, I update the version of ICS at 8.61. With OverbyteIcsSslFtpTst sample I have the same problem, but with OverbyteIcsXferTst I can copy the files. Ok for many aspects FtpMultiClient is less complex but i must change many rows of my code! I'd rather use TSslFtpClient... but if I can't I will use FtpMultiClient Share this post Link to post
Angus Robertson 574 Posted June 27, 2019 TIcsFtpMulti uses TSslFtpClient, look at the log of commands it uses to see what it is doing that you missed in your application. Sorry, wrote it over 10 years ago although only recently added to ICS, can not remember the tricks it uses. If you want to keep it simple, FtpDownOneFile and FtpUpOneFile just do one file without any indexing. Angus Share this post Link to post
drazde 0 Posted June 27, 2019 24 minutes ago, Angus Robertson said: TIcsFtpMulti uses TSslFtpClient, look at the log of commands it uses to see what it is doing that you missed in your application. Sorry, wrote it over 10 years ago although only recently added to ICS, can not remember the tricks it uses. If you want to keep it simple, FtpDownOneFile and FtpUpOneFile just do one file without any indexing. Angus Ok, thanks for all! I saw the comands in the log, I must follow the command like you tell. If TIcsFtpMulti uses TSslFtpClient the is something I have miss! Share this post Link to post
drazde 0 Posted July 5, 2019 (edited) [SOLVED] I found where was the problem. The client don't use the cached SSL session! so the server reject the transfer This was the log on the tls.log 2019-07-05 09:41:54,739 mod_tls/2.6[26250]: starting TLS negotiation on data connection 2019-07-05 09:41:54,745 mod_tls/2.6[26250]: client did not reuse SSL session, rejecting data connection (see the NoSessionReuseRequired TLSOptions parameter) 2019-07-05 09:41:54,745 mod_tls/2.6[26250]: unable to open data connection: TLS negotiation failed I set the property SslSessionCacheModes with sslSESS_CACHE_CLIENT And now it works, It transfer the file! Edited July 5, 2019 by drazde Share this post Link to post
Angus Robertson 574 Posted July 5, 2019 Pleased you got it working. Session caching is poorly documented in ICS, all written by a previous developer and I don't really understand it. But the new high level components I've added in the last couple of years like TIcsFtpMulti, TSslHttpRest and IcsHosts for servers, handle most the SSL implementation like SSL context and session caching, so the application does not need to worry about it, and that's why TIcsFtpMulti worked. Angus Share this post Link to post