login about faq

Can anyone point me to any kind of documentation how ChilKat FTP2 validates the FTPS server certificate (on windows)?

1- Does it use the windows certificate stores or does it have some built in cert bundle? 2- Can I call the certificate validation that ChilKat uses manually? For example, ConnectOnly() followed by GetSslServerCert() and my own validation. Then if my own validation fails, I would like to fall back to ChilKat's SSL certificate validation.

asked Nov 08 '16 at 12:41

rkamal's gravatar image


edited Nov 08 '16 at 12:43

The checks associated with the RequireSslCertVerify property are (1) verify that the certificate is not expired, and (2) verify the cert's signature with the issuer cert, then that issuer's certificate signature with its issuer, and so on, up to the root CA certificate (or a self-signed certificate). If all signatures are valid to the "root", then the question is: "Is the root trusted?". The answer to that has to do with the TrustedRoots class. The default is that the certs stored in the CA (registry-based) cert stores are trusted. You can explicitly identify root CA certs that your application will trust (and trust no others) via the TrustedRoots API.

You might also want to check out the TlsPinSet property, which is a standard property on any object that makes TLS connections. Here's an example with HTTP. The coding is no different w/ FTP, IMAP, etc. because it's just a matter of setting the property.



answered Nov 08 '16 at 13:14

chilkat's gravatar image

chilkat ♦♦

Thanks for the quick response!

(Nov 08 '16 at 13:28) rkamal
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Nov 08 '16 at 12:41

Seen: 804 times

Last updated: Nov 08 '16 at 13:28

powered by OSQA