proffe
Does SmartFTP read all the certificates sent by a server? It doesn't seem so.
I connect to a server which has a certificate signed by an intermediate CA, which is in turn signed by a trusted root CA whose certificate is installed as such in Windows' certificate repository, which SmartFTP uses.
The server (a lightly patched vsftpd) sends its own cert and that of the intermediate CA, as it should. I've verified this using the gnutls-cli, the GNU TLS test client, and both CoreFTP and FileZilla verify the certificate chain OK.
However, if I double-click the padlock icon to bring up the certificate details it says "/! Windows doesn't have enough information to verify this certificate" and only the server's own certificate is shown on the certification path tab. If I install the intermediate cert in the repository, all three certs are of course listed.
+- System -----------------------------
Microsoft Windows 2000 Professional
Service Pack 4 (Build 2195)
CPU Speed : 447 MHz
Total Memory : 523824 KB
Free Memory : 135808 KB
+- SmartFTP ---------------------------
Version : 1.1.985.6
Time Stamp : 2005-03-23 18:28:17
Language ID : 0x0409
Language File : ResEng.dll
+- Application DLL --------------------
controls.dll : 1.6.985.6
ftpapi.dll : 2.0.985.6
language.dll : 1.0.985.6
reseng.dll : 1.3.985.6
+- System DLL -------------------------
shell32.dll : 5.00.3900.7032
shlwapi.dll : 6.00.2800.1612 (xpsp2.041207-1145)
comctl32.dll : 5.81
riched20.dll : 5.30.23.1215
schannel.dll : 5.00.2195.6899
+- Internet Explorer ------------------
Version : 6.0.2800.1106
+- Winsock ----------------------------
Winsock : 2.2
I connect to a server which has a certificate signed by an intermediate CA, which is in turn signed by a trusted root CA whose certificate is installed as such in Windows' certificate repository, which SmartFTP uses.
The server (a lightly patched vsftpd) sends its own cert and that of the intermediate CA, as it should. I've verified this using the gnutls-cli, the GNU TLS test client, and both CoreFTP and FileZilla verify the certificate chain OK.
However, if I double-click the padlock icon to bring up the certificate details it says "/! Windows doesn't have enough information to verify this certificate" and only the server's own certificate is shown on the certification path tab. If I install the intermediate cert in the repository, all three certs are of course listed.
+- System -----------------------------
Microsoft Windows 2000 Professional
Service Pack 4 (Build 2195)
CPU Speed : 447 MHz
Total Memory : 523824 KB
Free Memory : 135808 KB
+- SmartFTP ---------------------------
Version : 1.1.985.6
Time Stamp : 2005-03-23 18:28:17
Language ID : 0x0409
Language File : ResEng.dll
+- Application DLL --------------------
controls.dll : 1.6.985.6
ftpapi.dll : 2.0.985.6
language.dll : 1.0.985.6
reseng.dll : 1.3.985.6
+- System DLL -------------------------
shell32.dll : 5.00.3900.7032
shlwapi.dll : 6.00.2800.1612 (xpsp2.041207-1145)
comctl32.dll : 5.81
riched20.dll : 5.30.23.1215
schannel.dll : 5.00.2195.6899
+- Internet Explorer ------------------
Version : 6.0.2800.1106
+- Winsock ----------------------------
Winsock : 2.2
