[英]I cannot connect to my FTP server by FTPS with Apache FTPSClient with custom SSLContext - getting “Unrecognized SSL message, plaintext connection?”
I am writing program to connecting to FTP server by FTPS. 我正在编写程序以通过FTPS连接到FTP服务器。
Source code: 源代码:
String protocol = "TLS";
String host = "192.168.5.165";
String username = "usr";
String password = "111";
String trustStorePath = "C:/TEMP/truststore";
String trustStorePassword = "111111";
int port = 990;
FTPSClient client = new FTPSClient(protocol);
KeyStore trustStore = loadStore("JKS", new File(trustStorePath), trustStorePassword);
X509TrustManager trustManager = TrustManagerUtils.getDefaultTrustManager(trustStore);
SSLContext ctx = SSLContext.getInstance("TLSv1.1");
ctx.init(null, new TrustManager[] {trustManager}, null);
FTPSSocketFactory socketFactory = new FTPSSocketFactory(ctx);
client.setSocketFactory(socketFactory);
client.addProtocolCommandListener(new PrintCommandListener(new
PrintWriter(System.out)));
client.connect(host, port);
I imported server's certificate in my trustStore
. 我将服务器的证书导入了
trustStore
。 But after run this code I got this error: 但是运行此代码后,我得到此错误:
220 Wing FTP Server ready... (UNREGISTERED WING FTP SERVER)
AUTH TLS
234 AUTH command OK. Initializing TLS connection.
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:710)
at sun.security.ssl.InputRecord.read(InputRecord.java:527)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at org.apache.commons.net.ftp.FTPSClient.sslNegotiation(FTPSClient.java:269)
at org.apache.commons.net.ftp.FTPSClient._connectAction_(FTPSClient.java:211)
at org.apache.commons.net.SocketClient.connect(SocketClient.java:183)
at org.apache.commons.net.SocketClient.connect(SocketClient.java:203)
at edtesb.remsenergy.FTPSTest.test(FTPSTest.java:63)
What do I do wrong? 我做错了什么?
It seems to me, that you have overengineered it. 在我看来,您已经对其进行了过度设计。
I'm not sure I can fully understand, what your code does, but I believe that you unintentionally double-encrypt the connection. 我不确定我是否能完全理解您的代码做什么,但是我相信您无意间对连接进行了双重加密。
If you really want to connect to an implicit FTPS port 990, just use 如果您确实要连接到隐式FTPS端口990,请使用
FTPSClient client = new FTPSClient(protocol, true);
or as protocol="TLS"
is the default, this will do too: 或默认为
protocol="TLS"
,这也可以做到:
FTPSClient client = new FTPSClient(true);
client.connect(host); // 990 is default, with FTPSClient with isImplicit=true
Though as implicit FTPS is obsolete, you better use an explicit FTPS (if supported by your server, most do), by connecting to the default FTP port 21: 尽管隐式FTPS已过时,但最好通过连接默认的FTP端口21使用显式FTPS(如果服务器支持,大多数情况下):
FTPSClient client = new FTPSClient();
client.connect(host);
If you need a custom SSLContext
, just use a corresponding overload of FTPSClient
, like: 如果需要自定义
SSLContext
,只需使用相应的FTPSClient
重载,例如:
FTPSClient client = new FTPSClient(ctx);
client.connect(host);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.