Archived Forum Post

Index of archived forum posts

Question:

Failed to convert data connection to TLS

Jun 15 '16 at 12:45
     Ftp2 client = new Ftp2();
            client.Username = user;
            client.Password = pass;
            client.Hostname = server;
            client.Ssl = true;
            client.AuthTls = true;
            client.Port = 21;
            client.Passive = true;
            client.UnlockComponent("Start my 30-day Trial");
            client.RequireSslCertVerify = true;
            client.SetSslCertRequirement("SubjectCN","XXXXXXXXXXXXXXXXXXXXX");
            bool connected = client.Connect();
            Console.WriteLine(client.LastErrorText);
            var cert = client.GetSslServerCert();
            bool dirworked = client.ChangeRemoteDir(ftpDownloadDirectory);
            Console.WriteLine(client.LastErrorText);

var dir = client.DirTreeXml();
            Console.WriteLine(client.LastErrorText);
            Console.WriteLine(dir);

bool worked = client.DownloadTree(localDirectory);
            Console.WriteLine(client.LastErrorText);

ChilkatLog:
  Connect_Ftp2:
    DllDate: Mar 11 2016
    ChilkatVersion: 9.5.0.56
    UnlockPrefix: Start my 30-day Trial
    Username: SUS-HP-1423-HP:Bill.Nortman
    Architecture: Little Endian; 32-bit
    Language: .NET 4.5
    VerboseLogging: 0
    ProgressMonitoring:
      enabled: yes
      heartbeatMs: 0
      sendBufferSize: 65536
    --ProgressMonitoring
    AutoFix: Port is 21, thefore should not be implicit SSL/TLS.
    To prevent auto-fix, set the AutoFix property = False/0
    ImplicitSsl: 0
    AuthTls: 1
    AuthSsl: 0
    ftpConnect:
      Hostname: sftp.smartusys.net
      Port: 21
      IdleTimeoutMs: 60000
      socketOptions:
        SO_SNDBUF: 262144
        SO_RCVBUF: 4194304
        TCP_NODELAY: 1
        SO_KEEPALIVE: 0
      --socketOptions
      readCommandResponse:
        replyLineQP: 220 Microsoft FTP Service
      --readCommandResponse
      initialStatus: 220
      initialResponse: 220 Microsoft FTP Service
      converting to secure connection...
      authTls:
        simpleCommand:
          sendCommand:
            sendingCommand: AUTH TLS
          --sendCommand
          readCommandResponse:
            replyLineQP: 234 AUTH command ok. Expecting TLS Negotiation.
          --readCommandResponse
        --simpleCommand
        clientHandshake:
          clientHandshake2:
            buildClientKeyExchange:
              buildClientKeyExchangeECDHE:
                Verified server key exchange.
              --buildClientKeyExchangeECDHE
            --buildClientKeyExchange
          --clientHandshake2
        --clientHandshake
        simpleCommand:
          sendCommand:
            sendingCommand: PBSZ 0
          --sendCommand
          readCommandResponse:
            replyLineQP: 200 PBSZ command successful.
          --readCommandResponse
        --simpleCommand
        simpleCommand:
          sendCommand:
            sendingCommand: PROT P
          --sendCommand
          readCommandResponse:
            replyLineQP: 200 PROT command successful.
          --readCommandResponse
        --simpleCommand
      --authTls
      successfully converted to secure connection...
    --ftpConnect
    Logging in...
    Login:
      sendCommand:
        sendingCommand: USER Central_Iron-PROD
      --sendCommand
      readCommandResponse:
        replyLineQP: 331 Password required
      --readCommandResponse
      sendCommand:
        sendingCommand: PASS *
      --sendCommand
      readCommandResponse:
        replyLineQP: 230 User logged in.
      --readCommandResponse
      FTP authentication successful.
      setTransferMode:
        simpleCommand:
          sendCommand:
            sendingCommand: TYPE I
          --sendCommand
          readCommandResponse:
            replyLineQP: 200 Type set to I.
          --readCommandResponse
        --simpleCommand
      --setTransferMode
    --Login
    Login successful.
    syst:
      simpleCommand:
        sendCommand:
          sendingCommand: SYST
        --sendCommand
        readCommandResponse:
          replyLineQP: 215 Windows_NT
        --readCommandResponse
      --simpleCommand
    --syst
    Syst: Windows_NT
    simpleCommand:
      sendCommand:
        sendingCommand: FEAT
      --sendCommand
      readCommandResponse:
        replyLineQP: 211-Extended features supported:
        replyLineQP:  LANG EN*
        replyLineQP:  UTF8
        replyLineQP:  AUTH TLS;TLS-C;SSL;TLS-P;
        replyLineQP:  PBSZ
        replyLineQP:  PROT C;P;
        replyLineQP:  CCC
        replyLineQP:  HOST
        replyLineQP:  SIZE
        replyLineQP:  MDTM
        replyLineQP:  REST STREAM
        replyLineQP: 211 END
      --readCommandResponse
    --simpleCommand
    Sending OPTS UTF8 ON
    simpleCommand:
      sendCommand:
        sendingCommand: OPTS UTF8 ON
      --sendCommand
      readCommandResponse:
        replyLineQP: 200 OPTS UTF8 command successful - UTF8 encoding now ON.
      --readCommandResponse
    --simpleCommand
    Success.
  --Connect_Ftp2
--ChilkatLog

ChilkatLog:
  ChangeRemoteDir:
    DllDate: Mar 11 2016
    ChilkatVersion: 9.5.0.56
    UnlockPrefix: Start my 30-day Trial
    Username: SUS-HP-1423-HP:Bill.Nortman
    Architecture: Little Endian; 32-bit
    Language: .NET 4.5
    VerboseLogging: 0
    dir: /susprod/billing/Central Iron_inputfiles
    changeRemoteDir:
      simplePathCommand:
        simpleCommand:
          lastWasIntermediate:
            readCommandResponse:
              replyLineQP: 550 The client and server cannot communicate, because they do not possess a=
 common algorithm.
            --readCommandResponse
          --lastWasIntermediate
          sendCommand:
            sendingCommand: CWD /susprod/billing/Central Iron_inputfiles
          --sendCommand
          readCommandResponse:
            replyLineQP: 250 CWD command successful.
          --readCommandResponse
        --simpleCommand
      --simplePathCommand
    --changeRemoteDir
    Success.
  --ChangeRemoteDir
--ChilkatLog

ChilkatLog:
  DirTreeXml:
    DllDate: Mar 11 2016
    ChilkatVersion: 9.5.0.56
    UnlockPrefix: Start my 30-day Trial
    Username: SUS-HP-1423-HP:Bill.Nortman
    Architecture: Little Endian; 32-bit
    Language: .NET 4.5
    VerboseLogging: 0
    ProgressMonitoring:
      enabled: yes
      heartbeatMs: 0
      sendBufferSize: 65536
    --ProgressMonitoring
    downloadDir:
      fetchDirListing:
        fetchDirListing2:
          convertDataConnToSsl:
            Failed to convert data connection to TLS
          --convertDataConnToSsl
        --fetchDirListing2
      --fetchDirListing
      Failed to download directory listing
    --downloadDir
  --DirTreeXml
--ChilkatLog

ChilkatLog:
  Connect_Ftp2:
    DllDate: Mar 11 2016
    ChilkatVersion: 9.5.0.56
    UnlockPrefix: Start my 30-day Trial
    Username: SUS-HP-1423-HP:Bill.Nortman
    Architecture: Little Endian; 32-bit
    Language: .NET 4.5
    VerboseLogging: 0
    ProgressMonitoring:
      enabled: yes
      heartbeatMs: 0
      sendBufferSize: 65536
    --ProgressMonitoring
    AutoFix: Port is 21, thefore should not be implicit SSL/TLS.
    To prevent auto-fix, set the AutoFix property = False/0
    ImplicitSsl: 0
    AuthTls: 1
    AuthSsl: 0
    ftpConnect:
      Hostname: sftp.smartusys.net
      Port: 21
      IdleTimeoutMs: 60000
      socketOptions:
        SO_SNDBUF: 262144
        SO_RCVBUF: 4194304
        TCP_NODELAY: 1
        SO_KEEPALIVE: 0
      --socketOptions
      readCommandResponse:
        replyLineQP: 220 Microsoft FTP Service
      --readCommandResponse
      initialStatus: 220
      initialResponse: 220 Microsoft FTP Service
      converting to secure connection...
      authTls:
        simpleCommand:
          sendCommand:
            sendingCommand: AUTH TLS
          --sendCommand
          readCommandResponse:
            replyLineQP: 234 AUTH command ok. Expecting TLS Negotiation.
          --readCommandResponse
        --simpleCommand
        clientHandshake:
          clientHandshake2:
            buildClientKeyExchange:
              buildClientKeyExchangeECDHE:
                Verified server key exchange.
              --buildClientKeyExchangeECDHE
            --buildClientKeyExchange
          --clientHandshake2
        --clientHandshake
        simpleCommand:
          sendCommand:
            sendingCommand: PBSZ 0
          --sendCommand
          readCommandResponse:
            replyLineQP: 200 PBSZ command successful.
          --readCommandResponse
        --simpleCommand
        simpleCommand:
          sendCommand:
            sendingCommand: PROT P
          --sendCommand
          readCommandResponse:
            replyLineQP: 200 PROT command successful.
          --readCommandResponse
        --simpleCommand
      --authTls
      successfully converted to secure connection...
    --ftpConnect
    Logging in...
    Login:
      sendCommand:
        sendingCommand: USER Central_Iron-PROD
      --sendCommand
      readCommandResponse:
        replyLineQP: 331 Password required
      --readCommandResponse
      sendCommand:
        sendingCommand: PASS *
      --sendCommand
      readCommandResponse:
        replyLineQP: 230 User logged in.
      --readCommandResponse
      FTP authentication successful.
      setTransferMode:
        simpleCommand:
          sendCommand:
            sendingCommand: TYPE I
          --sendCommand
          readCommandResponse:
            replyLineQP: 200 Type set to I.
          --readCommandResponse
        --simpleCommand
      --setTransferMode
    --Login
    Login successful.
    syst:
      simpleCommand:
        sendCommand:
          sendingCommand: SYST
        --sendCommand
        readCommandResponse:
          replyLineQP: 215 Windows_NT
        --readCommandResponse
      --simpleCommand
    --syst
    Syst: Windows_NT
    simpleCommand:
      sendCommand:
        sendingCommand: FEAT
      --sendCommand
      readCommandResponse:
        replyLineQP: 211-Extended features supported:
        replyLineQP:  LANG EN*
        replyLineQP:  UTF8
        replyLineQP:  AUTH TLS;TLS-C;SSL;TLS-P;
        replyLineQP:  PBSZ
        replyLineQP:  PROT C;P;
        replyLineQP:  CCC
        replyLineQP:  HOST
        replyLineQP:  SIZE
        replyLineQP:  MDTM
        replyLineQP:  REST STREAM
        replyLineQP: 211 END
      --readCommandResponse
    --simpleCommand
    Sending OPTS UTF8 ON
    simpleCommand:
      sendCommand:
        sendingCommand: OPTS UTF8 ON
      --sendCommand
      readCommandResponse:
        replyLineQP: 200 OPTS UTF8 command successful - UTF8 encoding now ON.
      --readCommandResponse
    --simpleCommand
    Success.
  --Connect_Ftp2
--ChilkatLog

ChilkatLog:
  ChangeRemoteDir:
    DllDate: Mar 11 2016
    ChilkatVersion: 9.5.0.56
    UnlockPrefix: Start my 30-day Trial
    Username: SUS-HP-1423-HP:Bill.Nortman
    Architecture: Little Endian; 32-bit
    Language: .NET 4.5
    VerboseLogging: 0
    dir: /susprod/billing/Central Iron_inputfiles
    changeRemoteDir:
      simplePathCommand:
        simpleCommand:
          lastWasIntermediate:
            readCommandResponse:
              replyLineQP: 550 The client and server cannot communicate, because they do not possess a=
 common algorithm.
            --readCommandResponse
          --lastWasIntermediate
          sendCommand:
            sendingCommand: CWD /susprod/billing/Central Iron_inputfiles
          --sendCommand
          readCommandResponse:
            replyLineQP: 250 CWD command successful.
          --readCommandResponse
        --simpleCommand
      --simplePathCommand
    --changeRemoteDir
    Success.
  --ChangeRemoteDir
--ChilkatLog

ChilkatLog:
  DirTreeXml:
    DllDate: Mar 11 2016
    ChilkatVersion: 9.5.0.56
    UnlockPrefix: Start my 30-day Trial
    Username: SUS-HP-1423-HP:Bill.Nortman
    Architecture: Little Endian; 32-bit
    Language: .NET 4.5
    VerboseLogging: 0
    ProgressMonitoring:
      enabled: yes
      heartbeatMs: 0
      sendBufferSize: 65536
    --ProgressMonitoring
    downloadDir:
      fetchDirListing:
        fetchDirListing2:
          convertDataConnToSsl:
            Failed to convert data connection to TLS
          --convertDataConnToSsl
        --fetchDirListing2
      --fetchDirListing
      Failed to download directory listing
    --downloadDir
  --DirTreeXml
--ChilkatLog


Answer

Google the error message "550 The client and server cannot communicate, because they do not possess a common algorithm."

This is what I found at http://stackoverflow.com/questions/26742054/the-client-and-server-cannot-communicate-because-they-do-not-possess-a-common-a

This was resolved. It turns out our IT Staff was correct. Both TLS 1.1 and TLS 1.2 were installed on the server. However, the issue was that our sites are running as ASP.NET 4.0 and you have to have ASP.NET 4.5 to run TLS 1.1 or TLS 1.2. So, to resolve the issue, our IT Staff had to reenable TLS 1.0 to allow a connection with PayTrace.

So in short, the error message, "the client and server cannot communicate, because they do not possess a common algorithm", was caused because there was no SSL Protocol available on the server to communicate with PayTrace's servers.

Chilkat supports TLS 1.0, 1.1, and 1.2. The server is the side that actually chooses the TLS protocol version. Chilkat will work with whatever the server decides. This seems to be a problem that requires a fix on the server-side.