login about faq

I get the following error when trying to connect to a particular FTP server on port 990.

    Using Implicit SSL
    ImplicitSsl: 1
    AuthTls: 0
    AuthSsl: 0
      Hostname: ftps.xyz.com
      Port: 990
      Connecting via SSL/TLS
      IdleTimeoutMs: 10000
                  sockRecv: Socket operation timeout.
                  Failed to read TLS record (2)
                  tlsRec_msg: 155
                  msgLen: 8226
                  nReadNBytes: 155
                  status: 0
            Client handshake failed. (3)
          ConnectFailReason: 103
      ConnectFailReason: 103
    Failed to connect to FTP server.

asked Sep 27 '16 at 08:11

chilkat's gravatar image

chilkat ♦♦

This was caused by the FTP server being configured for explicit SSL/TLS on port 990.

Port 990 is customarily the implicit SSL/TLS port for FTP. Implicit SSL/TLS is such that when the TCP connection is made, the TLS handshake immediately begins. Both sides, client and server, must be expecting this to occur. Otherwise one side would be "talking" the TLS handshake while the other was not (and a timeout would occur).

Explicit SSL/TLS is different. It's when TCP connection is made initially, and then later via an FTP command, the TLS handshake occurs to convert the connection to a secure channel.

Programmers often get confused by the Ftp2.Ssl and Ftp2.AuthTls properties, and often set them incorrectly. The "Ssl" property indicates implicit SSL/TLS, whereas the AuthTls property indicates explicit SSL/TLS. The AutoFix property, turned on by default, automatically fixes the problem when the programmer sets AuthTls = true for port 990. However, if some FTP administrator, not aware of the standard conventions for particular port numbers, configures the FTP server such that port 990 is for explicit TLS, then AutoFix=true will cause a problem. The solution is to set AutoFix=false, and then set AuthTls = true for port 990 (but only for the case where the FTP administrator, in my opinion, made the very poor choice of using port 990 w/ explicit TLS).


answered Sep 27 '16 at 08:36

chilkat's gravatar image

chilkat ♦♦

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Sep 27 '16 at 08:11

Seen: 2,737 times

Last updated: Sep 27 '16 at 08:36

powered by OSQA