[英]FTPSClient authentication to an FTP server using a digital certificate or private key
I have a working prototype of a Java application that is using Apache Commons Net FTPSClient to connect to a FileZilla server over SSL (port 990 for what it is worth). 我有一个Java应用程序的工作原型,该原型使用Apache Commons Net FTPSClient通过SSL(价值990端口)连接到FileZilla服务器。
No problem. 没问题。 The problem is, the application is currently maintaining the credentials of the FTP user in the form of a username and password.
问题是,应用程序当前正在以用户名和密码的形式维护FTP用户的凭据。
Is it possible to perform authentication of the FTP user (as in FTP login, not just SSL negotiation/validation) by supplying a client certificate/public key? 是否可以通过提供客户端证书/公钥来对FTP用户进行身份验证(与FTP登录一样,而不仅仅是SSL协商/验证)?
I know I can do this with SCP or SFTP because the SSH server handles that just great. 我知道我可以使用SCP或SFTP做到这一点,因为SSH服务器可以很好地处理这一问题。 If that's the right solution then so be it, but I don't want to give up on FTPS until I understand.
如果那是正确的解决方案,那就这样吧,但是在我理解之前,我不想放弃FTPS。
So question has two parts: 因此问题有两个部分:
a) are there any implementations of FTP servers that support SSL (FTPS) and client authentication/login via certificate? a)是否有支持SSL(FTPS)和通过证书进行客户端身份验证/登录的FTP服务器的任何实现?
b) How to get org.apache.commons.net.ftp.FTPSClient to do this? b)如何获得org.apache.commons.net.ftp.FTPSClient执行此操作?
a) Yes plenty of servers support client authentication via certificate. a)是,很多服务器都支持通过证书进行客户端身份验证。 CompleteFTP on Windows is one, ProFTPD on Unix is another.
Windows上是CompleteFTP ,而Unix上是ProFTPD。 One thing to note though is that port 990 is normally associated with implicit mode FTPS, which is deprecated.
不过要注意的一件事是,端口990通常与隐式模式FTPS关联,该模式已被弃用。
b) Not sure about FTPSClient, but easy to do in edtFTPj/PRO . b)不确定FTPSClient,但可以在edtFTPj / PRO中轻松实现。 See this link for a howto.
请参阅此链接以获取指导。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.