I'm trying to create a FTPRequest using FtpWebRequest to send a report file to my server. But i don't understand about SSL/TLS connection.
The server I'm using accepts TLS connections. So, is just setting EnableSsl = true enough? Or do I need a client certificate?
If I just set to EnableSsl to true the connection is accepted and the file sent.
ftpRequest = (FtpWebRequest)WebRequest.Create(url);
ftpRequest.UseBinary = true;
ftpRequest.UsePassive = true;
ftpRequest.KeepAlive = false;
ftpRequest.Proxy = null;
ftpRequest.Credentials = new NetworkCredential(username, password);
If I want TLS/SSL:
ftpRequest.EnableSsl = true;
X509Certificate cert = X509Certificate.CreateFromCertFile(filePath);
X509CertificateCollection certCollection = new X509CertificateCollection { cert };
ftpRequest.ClientCertificates = certCollection;
If I set the certificate and try to connect, the server does not respond and don't give me any exception.
Do I really need a certificate? I don't know if the certificate is having a difference on connection or not. What's the purpose of certificate?
Thanks
A client certificate is a way of an authentication (as an alternative or a complement to a password). You need it only, if your FTPS server requires an authentication with a client certificate. It's similar to authentication with a private key in SSH.
In my experience, client certificates are used very rarely. Had you needed it, you would know. And you would typically not have a password (though it's possible, while even rarer, that your need both a password and a client certificate to authenticate).
So usually, to use FTPS (FTP over TLS/SSL), all you need is:
ftpRequest.EnableSsl = true;