Easy Pass to Secure File Transfer
TM
»User: »Password:   Remember Me? 
Sysax Product Forums / Sysax Multi Server / Bugs and Feature Requests / MultiServer HTTPS set up question
Posted:  06 Nov 2008 13:20
I have an existing webserver with a secure site on it now. I want to add a second IP, second SSL cert, and use MultiServer to receive automated uploads from someone using HTTPS. Is this possible? I've been attempting it for a while now without success.
Posted:  06 Nov 2008 13:24
You can do this in a couple of ways. You can setup the HTTPS flie transfer interface to use a different port. The only caveat here is that the url used to connect will need to have the port explicitly specified like this:
https://:
The other alternative, if you have multiple IP addresses on the same system is to restrict Sysax server to one of the IP addresses.
Posted:  06 Nov 2008 13:28
I have it responding and logging me in via HTTPS now...but using CuteFTP, I get a directory with the following items in it, and not the one I set as the home directory in the server program.
Http:/ folder
http:/www.sysax.com MS-DOS application
loginacc.gif
scgi?
Style.css
It is defaulting to the C:Program FilesSysaxServer directory, it appears,but even then, it is not displaying all the files that are in it. Have I missed something in the setup to get it to go to the right Home path, or is this a limitation of the evaluation?
Posted:  06 Nov 2008 13:30   Last Edited By: sysaxsupport
You need a FTP client program only if you want to use secure file transfer using SFTP or FTPS. For https, sysax multi server is setup to work with any web browser. Just type in the following in your web browser
Posted:  06 Nov 2008 13:34
If I set up FTPS Implicit on port 443 (for a very specific reason), what else do I need to do to use a client to transfer? Other ports through the firewall besides 443? I can make the connection, but it ends up timing out trying to create the List.
Posted:  06 Nov 2008 13:36
If I set up FTPS Implicit on port 443 (for a very specific reason), what else do I need to do to use a client to transfer? Other ports through the firewall besides 443? I can make the connection, but it ends up timing out trying to create the List.
Posted:  06 Nov 2008 13:36
Well, I guess I am just not smart enough for the program. LOL I put the public IP in the PASV and set PASV ports, open those in the firewall...still connection times out...you can see below what I keep getting.

*** CuteFTP 8.3 - build Aug 25 2008 ***

STATUS:> [10/17/2008 8:05:35 PM] Getting listing ""...
STATUS:> [10/17/2008 8:05:35 PM] Connecting to FTP server... 216.37.23.27:443 (ip =3D 216.37.23.27)...
STATUS:> [10/17/2008 8:05:35 PM] Socket connected. Waiting for welcome message...
STATUS:> [10/17/2008 8:05:35 PM] Connected. Exchanging encryption keys...
STATUS:> [10/17/2008 8:05:35 PM] SSL Connect time: 437 ms.
STATUS:> [10/17/2008 8:05:35 PM] SSL encrypted session established.
[10/17/2008 8:05:35 PM] 220- Sysax Multi Server Service (Version 4)
220
STATUS:> [10/17/2008 8:05:35 PM] Connected. Authenticating...
COMMAND:> [10/17/2008 8:05:35 PM] USER Test
[10/17/2008 8:05:35 PM] 331 User name okay, need password
COMMAND:> [10/17/2008 8:05:35 PM] PASS *****
[10/17/2008 8:05:35 PM] 230 User logged in, proceed
STATUS:> [10/17/2008 8:05:35 PM] Login successful.
COMMAND:> [10/17/2008 8:05:35 PM] PWD
[10/17/2008 8:05:36 PM] 257 "/" is current path
STATUS:> [10/17/2008 8:05:36 PM] Home directory: /
COMMAND:> [10/17/2008 8:05:36 PM] FEAT
[10/17/2008 8:05:36 PM] 502 Command not implemented
STATUS:> [10/17/2008 8:05:36 PM] This site doesn't support the 'features' command.
COMMAND:> [10/17/2008 8:05:36 PM] REST 100
[10/17/2008 8:05:36 PM] 350 Start position for transfer has been set
STATUS:> [10/17/2008 8:05:36 PM] This site can resume broken downloads.
COMMAND:> [10/17/2008 8:05:36 PM] REST 0
[10/17/2008 8:05:36 PM] 350 Start position for transfer has been set
COMMAND:> [10/17/2008 8:05:36 PM] PBSZ 0
[10/17/2008 8:05:36 PM] 200 PBSZ Command accepted. Protection buffer set to 0
COMMAND:> [10/17/2008 8:05:36 PM] PROT P
[10/17/2008 8:05:36 PM] 200 PROT Command accepted
COMMAND:> [10/17/2008 8:05:36 PM] PASV
[10/17/2008 8:05:36 PM] 227 Entering Passive Mode (216,37,23,27,39,17)
COMMAND:> [10/17/2008 8:05:36 PM] LIST
STATUS:> [10/17/2008 8:05:36 PM] Connecting FTP data socket... 216.37.23.27:10001...
[10/17/2008 8:05:36 PM] 150 File status okay; about to opendata connection
STATUS:> [10/17/2008 8:05:36 PM] Connected. Exchanging encryption keys...
ERROR:> [10/17/2008 8:05:36 PM] SSL: Error in negotiating SSL connection.
ERROR:> [10/17/2008 8:05:36 PM] Failed to establish data socket.
[10/17/2008 8:05:36 PM] 226 Closing data connection

Does the end of this error message mean that there is a problem with the SSL cert that MultiServer created? When I switch to just regular FTP and PASV ports, everything works normally. It is only when I try to use 443 with FTP SSL Implicit that I get this error and cannot create the connection properly. Are there logs that are more verbose on the server? The regular log doesn't show much.

*** CuteFTP 8.3 - build Aug 25 2008 ***

STATUS:> [10/18/2008 2:02:24 AM] Getting listing ""...
STATUS:> [10/18/2008 2:02:24 AM] Resolving host name secureftp.teammis.com...
STATUS:> [10/18/2008 2:02:24 AM] Host name secureftp.teammis.com resolved: ip =3D 216.37.23.27.
STATUS:> [10/18/2008 2:02:24 AM] Connecting to FTP server... secureftp.teammis.com:443 (ip =3D 216.37.23.27)...
STATUS:> [10/18/2008 2:02:24 AM] Socket connected. Waiting for welcome message...
STATUS:> [10/18/2008 2:02:24 AM] Initializing SSL module.
STATUS:> [10/18/2008 2:02:24 AM] Connected. Exchanging encryption keys...
STATUS:> [10/18/2008 2:02:25 AM] SSL Connect time: 1170 ms.
STATUS:> [10/18/2008 2:02:25 AM] SSL encrypted session established.
[10/18/2008 2:02:25 AM] 220- Sysax Multi Server Service (Version 4)
220
STATUS:> [10/18/2008 2:02:25 AM] Connected. Authenticating...
COMMAND:> [10/18/2008 2:02:25 AM] USER Test
[10/18/2008 2:02:25 AM] 331 User name okay, need password
COMMAND:> [10/18/2008 2:02:25 AM] PASS *****
[10/18/2008 2:02:25 AM] 230 User logged in, proceed
STATUS:> [10/18/2008 2:02:25 AM] Login successful.
COMMAND:> [10/18/2008 2:02:25 AM] PWD
[10/18/2008 2:02:26 AM] 257 "/" is current path
STATUS:> [10/18/2008 2:02:26 AM] Home directory: /
COMMAND:> [10/18/2008 2:02:26 AM] FEAT
[10/18/2008 2:02:26 AM] 502 Command not implemented
STATUS:> [10/18/2008 2:02:26 AM] This site doesn't support the 'features' command.
COMMAND:> [10/18/2008 2:02:26 AM] REST 100
[10/18/2008 2:02:26 AM] 350 Start position for transfer has been set
STATUS:> [10/18/2008 2:02:26 AM] This site can resume broken downloads.
COMMAND:> [10/18/2008 2:02:26 AM] REST 0
[10/18/2008 2:02:26 AM] 350 Start position for transfer has been set
COMMAND:> [10/18/2008 2:02:26 AM] PBSZ 0
[10/18/2008 2:02:26 AM] 200 PBSZ Command accepted. Protection buffer set to 0
COMMAND:> [10/18/2008 2:02:26 AM] PROT P
[10/18/2008 2:02:26 AM] 200 PROT Command accepted
COMMAND:> [10/18/2008 2:02:26 AM] PASV
[10/18/2008 2:02:26 AM] 227 Entering Passive Mode (172,16,1,15,39,17)
STATUS:> [10/18/2008 2:02:26 AM] Substituting received PASV address 172.16.1.15 to server address 216.37.23.27.
COMMAND:> [10/18/2008 2:02:26 AM] LIST
STATUS:> [10/18/2008 2:02:26 AM] Connecting FTP data socket... 216.37.23.27:10001...
[10/18/2008 2:02:26 AM] 150 File status okay; about to opendata connection
STATUS:> [10/18/2008 2:02:26 AM] Connected. Exchanging encryption keys...
ERROR:> [10/18/2008 2:02:26 AM] SSL: Error in negotiating SSL connection.
ERROR:> [10/18/2008 2:02:26 AM] Failed to establish data socket.
[10/18/2008 2:02:26 AM] 226 Closing data connection

Can Multi Server exist on an IIS6 server, which has its own IP assigned to the site, but also has a certificate, thus using ports 80/443? Even though I have given the server a second IP address, confirmed that IIS is assigned a different IP address, I cannot have both running at once, as each states the other is using port 443.
Posted:  06 Nov 2008 13:39
It appears that SSL support was broken in last week's release. This has been fixed and a new release is available from the sysax.com website. This should hopefully resolve the issues you were seeing with SSL connections.
Sysax Server should coexist with IIS. It may be that the two IP addresses are translated into the same network interface in your system. In that case you will need to use a different port.
 

Copyright © 2008 Codeorigin, LLC - All Rights Reserved.
XML RSS 2.0 XML Atom 1.0