[
https://issues.apache.org/jira/browse/NET-687?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17407704#comment-17407704
]
Vladimir I commented on NET-687:
--------------------------------
[~ggregory]
I am looking for a solution.
At first, would be nice to decide if an encrypted control channel should lead
to encryption in the data channels. Second to decide if `execPROT` is mandatory
or optional.
> [FTPS] javax.net.ssl.SSLException: Unsupported or unrecognized SSL message
> --------------------------------------------------------------------------
>
> Key: NET-687
> URL: https://issues.apache.org/jira/browse/NET-687
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
> Affects Versions: 3.7
> Environment: Tested with JDK 8, 11, 13, 14
> Reporter: Mikael
> Priority: Major
> Fix For: 3.7.1
>
>
> After adding the self signed polynesie.cer certificate to JVM security
> (_jdk-x.x.x/lib/security_) :
> {code:java}
> keytool.exe -import -storepass "changeit" -keystore "./cacerts" -alias
> polynesie.cer -file ./polynesie.cer -noprompt{code}
> polynesie.cer obtained by copying certificate part from this command line
> result :
> {code:java}
> openssl s_client -connect ftp0.gov.pf:21 -starttls ftp{code}
> Trying to retrieve a file with ftpes :
> {code:java}
> java -cp commons-net-examples-3.5.jar;commons-net-3.5.jar
> examples/ftp/FTPClientExample -A -p TLS,false -e -b ftp0.gov.pf
> DataVRS/fiche_Station_VRS_VAI1.pdf fiche_Station_VRS_VAI1.pdf{code}
> Produce this exception :
> {code:java}
> javax.net.ssl.SSLException: Unsupported or unrecognized SSL message
> at
> java.base/sun.security.ssl.SSLSocketInputRecord.handleUnknownRecord(Unknown
> Source)
> at java.base/sun.security.ssl.SSLSocketInputRecord.decode(Unknown
> Source)
> at java.base/sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
> at java.base/sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
> at
> java.base/sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown
> Source)
> at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown
> Source)
> at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown
> Source)
> at
> org.apache.commons.net.ftp.FTPSClient._openDataConnection_(FTPSClient.java:642)
> at
> org.apache.commons.net.ftp.FTPClient._retrieveFile(FTPClient.java:1907)
> at
> org.apache.commons.net.ftp.FTPClient.retrieveFile(FTPClient.java:1893)
> at testFTP2.FTPClientExample.main(FTPClientExample.java:513)
> {code}
> It is probably the same error of ssl_reuse session as NET-408.
> Same try with ftp4j library reports this error :
> {code:java}
> code=522, message= SSL connection failed; session reuse required: see
> require_ssl_reuse option in vsftpd.conf man page
> {code}
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
