Login  
Search All Forums
Dart Home | PowerTCP FTP for ActiveX | Custom Development Reply | PowerTCP FTP for ActiveX Topics | Forums   
AuthorForum: PowerTCP FTP for ActiveX
Topic: How to set FTP Active X control to be secure client?
rsdennis

From: Portsmouth, United Kingdom
Posts: 3
Member Since: 09/21/09
posted September 21, 2009 3:44 AM

If I do the following do I get a secure connection, with userid , password and data sent encrypted.

FTP1.Security = secureNormal
FTP1.Login sServer, sUserName, sPass

How can I check if the connection is secure?
I use VB6 and Access2007.
K M Drake



From: Utica, NY USA
Posts: 3406
Member Since: 07/14/00
posted September 21, 2009 9:32 AM

Hi,
First, if Ftp.Authentication is atNone, then the connection will not be secure.

If this property is set to something else, you should see an Authenticate event whenever the server sends a certificate.

You should also see encrypted data when using a protocol sniffer like Wireshark.

-ken
rsdennis

From: Portsmouth, United Kingdom
Posts: 3
Member Since: 09/21/09
posted September 22, 2009 4:52 AM

Thanks Ken. I have set up WireShark, works great.

If I can see unencrypted password and userid then is the connection is not secure?.

I will only be using one trusted server provided by 1&1. My data does not need to be encrypted but I do want to protect the password and userid.

I have tried all the Authentication settings and only atNone and atHashLogin work, both with unencrypted password etc.showing in WireShark.
Do I need a combination of settings for .Authentication and .Security to meet my simple needs?  PS I have purchased a years support, is this forum the best way to communicate?. 
Bob
K M Drake



From: Utica, NY USA
Posts: 3406
Member Since: 07/14/00
posted September 22, 2009 10:30 AM

Hi,
First, the Security property is for environments that do not support events (such as ASP).
It specifies how to respond to problems with the certificate.
If you are using VB, you can do this in real-time, when the Authenticate event fires.

Yes, if you can read the username and password, it is not secure.

There are two basic types of FTPS - explicit and implicit.
In explicit, the client connects non-securely to the standard FTP port (21) and switches to a secure connection after the login.
In implicit, the connection is made to port 990 and is secure from the start.

It sounds like you want to use implicit.
Make sure the server supports it and try connecting to port 990.
You should get an Authenticate event with the server's certificate.
If you accept the certificate (the Valid argument is True or set to True), the secure connection should be established.

From that point on, you can proceed just like you would for non-secure connections.

You can either post here or send email to support@dart.com, if you would rather not post.

-ken

Reply | PowerTCP FTP for ActiveX Topics | Forums   
This site is powered by PowerTCP WebServer Tool PowerTCP WebServer for ActiveX