{NET}Question about FTPSClient -Client Authentication

Hi,

I am using commons net 2.0 jar to connect to FTPS server using explicit SSL.
I wanted to perform Client Authentication. I have used setNeedClientAuth()
to initialise to true and initialised the keystore. It doesnt seem to work.

In the code for FTPSClient - sslNegotiation() method , there is a code
snippet

if (!isClientMode) {
            socket.setNeedClientAuth(isNeedClientAuth);
            socket.setWantClientAuth(isWantClientAuth);
        }

I tried setting setUseClientMode() to false..In such a case, my client
starts the SSL handshake as a server and hangs waiting for a ClientHello
command from the server.

My question is:: Is it neccessary to set UseClientMode() to false?? How to
acheive Client Authentication?? . Is it neccessary for the socket to connect
in Server mode for performing client authentication??

Thanks for your response

Srikanth

If the server expects you to be the client, which is the likely case, you
need to use client mode. Otherwise, the SSLSocket will not perform the
negotiation correctly. In order for FTPSClient to successfully authenticate
itself, you must set the FTPSClient KeyManager to a KeyManager initialized
with a KeyStore that contains the signed certificate provided to you by the
server's auth authority.

----- Original Message -----
From: "srikanth k.m" <[hidden email]>
To: <[hidden email]>
Sent: Friday, June 12, 2009 10:19 AM
Subject: {NET}Question about FTPSClient -Client Authentication


> Hi,
>
> I am using commons net 2.0 jar to connect to FTPS server using explicit
SSL.
> I wanted to perform Client Authentication. I have used setNeedClientAuth()
> to initialise to true and initialised the keystore. It doesnt seem to
work. connect
> in Server mode for performing client authentication??
>
> Thanks for your response
>
> Srikanth
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]