[jira] Closed: (FTPSERVER-215) Secured data channel in active mode would require the server to have a public certificate for every client.

David Latorre (JIRA) Mon, 10 Nov 2008 00:03:39 -0800

     [ 
https://issues.apache.org/jira/browse/FTPSERVER-215?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


David Latorre closed FTPSERVER-215.
-----------------------------------

    Resolution: Invalid

Having the server call setUseClientMode() as it already does should be enough.

> Secured data channel in active mode would require the server to have a public 
> certificate for every client.
> -----------------------------------------------------------------------------------------------------------
>
>                 Key: FTPSERVER-215
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-215
>             Project: FtpServer
>          Issue Type: Improvement
>          Components: Core
>    Affects Versions: 1.0-M1, 1.0-M2, 1.0-M3, 1.0-M4
>            Reporter: David Latorre
>             Fix For: 1.0-M4
>
>
> In "active mode" , the FtpServer itself will try to open a connection to a 
> client-reported host and port.  
> In this case, if we were using a  SSL connection, the server opens a 
> connection to the client so it will receive the client's public certificate 
> and will try and check it against its TrustStore. 
> To my mind, when we are not checking the client certificate we shouldn't 
> check it in Active data connections either. So we should provide our own 
> TrustManager for this.
>  

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Closed: (FTPSERVER-215) Secured data channel in active mode would require the server to have a public certificate for every client.

Reply via email to