Android Question FTP over SSL from Net library v1.37 (solved)

[Maciej]

Hello,
I am trying to use FTP from Net library v1.37 and trying to connect to my FTP server over SSL.
Unfortunately I get “trust anchor for certification path not found” error, because I use a self signed certificate on my server.
According to the Net library documentation (http://www.b4x.com/android/help/net.html ) :
"CustomTrustManager allows you to create a SSL trust manager from a cert file or to create a trust manager that accepts all certificates."
But it seems that this type is not included in the Net library ?
Idem for “UseSSLExplicit” member. Is it included in the Net library ?
If not, which kind of protocol is used ? Implicit or explicit ?
BR,
Maciej

 

[Erel]

The new version of Net library (v1.50) was not yet released. If you like to test it I can send you the library by mail. It adds support for SSL Explicit and also for custom trust managers.

 

[Maciej]

Thank you, Erel. Yes, I would like to test it.
BR,
Maciej

 

[Erel]

I will send you it by mail.

 

[b4auser1]

Erel,

Please send me lib as well. I had the same problem: http://www.b4x.com/android/forum/th...nable-to-find-valid-certification-path.37885/
Will I be able to use this lib with B4J ?

 

[Maciej]

I will send you it by mail.

Unfortunately, I get this error setting UseSSLExplicit to true:

java.lang.RuntimeException: Method: setUseSSLExplicit not found in: anywheresoftware.b4a.net.FTPWrapper
at anywheresoftware.b4a.shell.Shell$MethodCache.getMethod(Shell.java:895)
at anywheresoftware.b4a.shell.Shell.getMethod(Shell.java:549)
at anywheresoftware.b4a.shell.Shell.runMethod(Shell.java:635)
at anywheresoftware.b4a.shell.Shell.raiseEventImpl(Shell.java:302)
at anywheresoftware.b4a.shell.Shell.raiseEvent(Shell.java:238)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:525)
at anywheresoftware.b4a.ShellBA.raiseEvent2(ShellBA.java:121)
at b4a.example.main.afterFirstLayout(main.java:98)
at b4a.example.main.access$100(main.java:16)
at b4a.example.main$WaitForLayout.run(main.java:76)
at android.os.Handler.handleCallback(Handler.java:800)
at android.os.Handler.dispatchMessage(Handler.java:100)
at android.os.Looper.loop(Looper.java:194)
at android.app.ActivityThread.main(ActivityThread.java:5371)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:525)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:833)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:600)
at dalvik.system.NativeStart.main(Native Method)
** Activity (main) Resume **

 

[Maciej]

And even with :
CustomTrustManager.InitializeAcceptAll
UseSSL = true
Port 990

I get this error:
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

It seems that UseSSLExplicit and CustomTrustManager are not working as expected ?

BR,
Maciej

 

[Maciej]

I assume that setting UseSSL leads to use of FTP Implicit, and setting UseSSLExplicit leads to use of FTP Explicit ? Am I right ?

BR,
Maciej

 

[Erel]

I've released v1.50. Please download it:

http://www.b4x.com/android/forum/threads/new-net-library-android-ftp-smtp-and-pop3.10892

And see the instructions about the new features.

 

[Maciej]

Hi Erel,
I have just tested the new library (v1.50)
I have tested my B4A application against AndFTP application from Google Play.
Using AndFTP I could execute successfully the 3 tests described below.
But with B4A application FTPS implicit and FTPS explicit failed !
Am I missing something ?
BR,
Maciej

Test1: server settings : passif, FTP on port 21, no SSL
myftp.Initialize("myftp", "host", 21, "user", "pwd")
trustmanager.InitializeAcceptAll
myftp.SetCustomSSLTrustManager(trustmanager)
myftp.PassiveMode = True
myftp.UseSSL = False
myftp.UseSSLExplicit = False
myftp.UploadFile(File.DirRootExternal, "toto.txt", True, "toto.txt")
Test1 Result :
Success upload = true

Test2: server settings : passif, FTPS implicit on port 990, SSL required
myftp.Initialize("myftp", "host", 990, "user", "pwd")
trustmanager.InitializeAcceptAll
myftp.SetCustomSSLTrustManager(trustmanager)
myftp.PassiveMode = True
myftp.UseSSL = True
myftp.UseSSLExplicit = False
myftp.UploadFile(File.DirRootExternal, "toto.txt", True, "toto.txt")
Test2 Result :
Success upload = false
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

Test3: server settings : passif, FTPS explicit on port 21, SSL required
myftp.Initialize("myftp", "host", 21, "user", "pwd")
trustmanager.InitializeAcceptAll
myftp.SetCustomSSLTrustManager(trustmanager)
myftp.PassiveMode = True
myftp.UseSSL = False
myftp.UseSSLExplicit = True
myftp.UploadFile(File.DirRootExternal, "toto.txt", True, "toto.txt")
Test3 Result :
Success upload = false
java.lang.RuntimeException: Error uploading file. 534 Policy requires SSL.

 

[Erel]

Please use [ code ] [ /code ] tags (without spaces) when posting code.

Is this server accessible over the internet? If yes then you can send me an email with the credentials and I'll test it.

 

[Maciej]

v1.51 library fixes this issue.
Thank you.

BR,
Maciej

 

[b4auser1]

Where to download 1.51 ?

 

[Maciej]

Where to download 1.51 ?

http://www.b4x.com/android/forum/threads/new-net-library-android-ftp-smtp-and-pop3.10892
Net.zip in "Attached file"

BR,
Maciej

 

[MMORETTI964]

Hi, I've successfully used last net library (1.52) for SSL explicit (UseSSL=False UseSSLExplicit=True) with FileZilla Server with self-signed certificate.
However, the implicit ssl give me this log result after the first command completed (with success=false)
(CertPathValidatorException) java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

Here my code:
Effetipi.Initialize("Effetipi", FtpCfg.Site, FtpCfg.port, FtpCfg.User, FtpCfg.pwd)
CTM.InitializeAcceptAll
Effetipi.SetCustomSSLTrustManager(CTM)
Effetipi.PassiveMode = True
Effetipi.UseSSL=True
Effetipi.UseSSLExplicit=False
Log(Effetipi.IsInitialized)
Effetipi.SendCommand("PWD","")

I need to make something on the device or something different on my code to make it works?
Another question: could I use NetExtras with self-signed creator as Net? I've seen 1.51 NetExtras but without new functions introduced from Erel in the 1.50 version.

Thank you very much in advance...
Maurizio

 

[Erel]

The custom SSL manager currently only works with SSL Explicit mode.

 

[MMORETTI964]

The custom SSL manager currently only works with SSL Explicit mode.

Thank you Erel.