C
C
Using WS_FTP Self-signed Certificate file (.crt) and Private Key File. (.key)
See more FTP Examples
Demonstrates how to use a self-signed certificate created by WS_FTP with Chilkat FTP2.Note: It is usually not necessary for the FTP client to use a client-side certificate. Most FTP servers using SSL and TLS connections (explicit or implicit) do not require client-side certs. In addition, some high-security FTP servers require "real" certificates -- meaning certificates issued by a real certificate authority with a chain of authentication that leads to a trusted root certificate. The certificates created by WS_FTP are self-signed and untrusted.
Chilkat C Downloads
#include <C_CkFtp2.h>
#include <C_CkCertStore.h>
#include <C_CkJsonObject.h>
#include <C_CkCert.h>
void ChilkatSample(void)
{
BOOL success;
HCkFtp2 ftp;
HCkCertStore certStore;
HCkJsonObject jsonCN;
HCkCert cert;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Important: Before running this program, convert your
// .crt and .key files to a .p12 using OpenSSL:
// The command is this:
// openssl pkcs12 -export -in test.crt -inkey test.key -out test.p12
//
ftp = CkFtp2_Create();
CkFtp2_putHostname(ftp,"ftp.example.com");
CkFtp2_putPort(ftp,21);
CkFtp2_putUsername(ftp,"testLogin");
CkFtp2_putPassword(ftp,"testPassword");
// This example will use explict TLS/SSL.
// Establish an explicit secure channel after connection
// on the standard FTP port 21.
CkFtp2_putAuthTls(ftp,TRUE);
// The Ssl property is for establishing an implicit SSL connection
// on port 990. Because this example uses explicit SSL, it
// should remain FALSE.
CkFtp2_putSsl(ftp,FALSE);
// Create an instance of a certificate store object, load a .p12 file,
// locate the certificate we need, and use it for signing.
// (a P12/PFX file may contain more than one certificate.)
certStore = CkCertStore_Create();
// The 1st argument is the filename, the 2nd arg is the
// .p12 file's password. (OpenSSL will prompty you to set a password
// when converting the .crt and .key into a .p12).
success = CkCertStore_LoadPfxFile(certStore,"test.p12","secret");
if (success != TRUE) {
printf("%s\n",CkCertStore_lastErrorText(certStore));
CkFtp2_Dispose(ftp);
CkCertStore_Dispose(certStore);
return;
}
jsonCN = CkJsonObject_Create();
CkJsonObject_UpdateString(jsonCN,"CN","cert common name");
cert = CkCert_Create();
success = CkCertStore_FindCert(certStore,jsonCN,cert);
if (success == FALSE) {
printf("%s\n",CkCertStore_lastErrorText(certStore));
CkFtp2_Dispose(ftp);
CkCertStore_Dispose(certStore);
CkJsonObject_Dispose(jsonCN);
CkCert_Dispose(cert);
return;
}
success = CkFtp2_SetSslClientCert(ftp,cert);
// Connect and login to the FTP server.
success = CkFtp2_Connect(ftp);
if (success != TRUE) {
printf("%s\n",CkFtp2_lastErrorText(ftp));
CkFtp2_Dispose(ftp);
CkCertStore_Dispose(certStore);
CkJsonObject_Dispose(jsonCN);
CkCert_Dispose(cert);
return;
}
else {
// LastErrorText contains information even when
// successful. This allows you to visually verify
// that the secure connection actually occurred.
printf("%s\n",CkFtp2_lastErrorText(ftp));
}
printf("Secure FTP Channel Established!\n");
printf("%s\n",CkFtp2_lastErrorText(ftp));
// Do whatever you're doing to do ...
// upload files, download files, etc...
// ...
// ...
success = CkFtp2_Disconnect(ftp);
CkFtp2_Dispose(ftp);
CkCertStore_Dispose(certStore);
CkJsonObject_Dispose(jsonCN);
CkCert_Dispose(cert);
}