While trying to connect to a FTP server through port 21(TLS authentication) with pub.client.ftp:login from Developer, Server certificate rejected by chain verifier error is thrown. If tried with default none for auth, password incorrect error is thrown. Issue observed after replacing the expired certificate with new one. New certificate has been kept in both pub and ca directories. No change in credentials. Please provide suggestions on what might be causing this issue.
It was working before and now it doesn’t. Apart from keeping the certificates in pub & CA, do the certificates need to be configured anywhere else? Moreover I run this service in developer, it just exits before the result. Same result whenever I try again. Noticing this weird behavior too.
If you want the Integration Server to accept a connection when one or more of the CA certificates in the chain are expired, you must update the watt.security.ssl.ignoreExpiredChainsproperty in the server configuration file. (server.cnf) to true
. This setting will cause the server to ignore expired CA certificates in the chain.
For “true” expired chains are ignored. All other values are treated as “false”.
It is FTP only but with TLS authentication. Port 21 is opened from partner side for our server. Moreover the expired certificate was a self-signed one and the new one is not, it has a CA and root CA. I will check and update if I get more information. And thank you for the suggestion on the extended setting.