Secure FTP with Client Certificate

Chilkat FTP2 provides the ability to use a client certificate with secure FTP (implicit or explicit SSL/TLS). This example demonstrates how to load a certificate from a .pfx and use it as the client-side SSL cert. Note: Client-side certificates are only needed in situations where the server demands one.

Download Chilkat .NET for 2.0 / 3.5 Framework

Download Chilkat .NET for 64-bit 2.0 / 3.5 Framework (x64)

Download Chilkat .NET for 1.0 / 1.1 Framework

Chilkat.Ftp2 ftp = new Chilkat.Ftp2();

bool success;

//  Any string unlocks the component for the 1st 30-days.
success = ftp.UnlockComponent("Anything for 30-day trial");
if (success != true) {
    MessageBox.Show(ftp.LastErrorText);
    return;
}

//  You may use this account for testing.
//  This account allows for directory listings and files
//  to be downloaded.  However, file uploads are not allowed.
ftp.Hostname = "ftp.secureftp-test.com";
ftp.Username = "test";
ftp.Password = "test";

//  Establish an explicit secure channel after connection
//  on the standard FTP port 21.
ftp.AuthTls = true;

//  The Ssl property is for establishing an implicit SSL connection
//  on port 990.  Do not set it.
ftp.Ssl = false;

//  Load a certificate from a .pfx
//  A PFX may contain several certs, including the certificates
//  in a chain of authority.
Chilkat.CertStore certStore = new Chilkat.CertStore();
string password;
password = "***";
//  Load the certs from a PFX into an in-memory certificate store:
success = certStore.LoadPfxFile("chilkat.pfx",password);
if (success != true) {
    textBox1.Text += certStore.LastErrorText + "\r\n";
    return;
}

//  Find the exact cert we'll use:
Chilkat.Cert cert = null;
cert = certStore.FindCertBySubject("Chilkat Software, Inc.");
if (cert == null ) {
    textBox1.Text += "Certificate not found!" + "\r\n";
    return;
}

//  Use this certificate for our secure (SSL/TLS) connection:
ftp.SetSslClientCert(cert);

//  Connect and login to the FTP server.  The connection is
//  made secure because of the AuthTls setting.
success = ftp.Connect();
if (success != true) {
    MessageBox.Show(ftp.LastErrorText);
    return;
}
else {
    //  LastErrorText contains information even when
    //  successful. This allows you to visually verify
    //  that the secure connection actually occurred.
    textBox1.Text += ftp.LastErrorText + "\r\n";
}

MessageBox.Show("Secure FTP Channel Established!");

//  Do whatever you're doing to do ...
//  upload files, download files, etc...

ftp.Disconnect();

//  The LastErrorText provides a detailed log of the
//  SSL connection for both success and failed connections.
//  Here is an example of a successful connection.
//  The client certificate is logged as "ClientCertDN":

//  ChilkatLog:
//    Connect:
//      DllDate: Aug 15 2007
//      Hostname: ftp.secureftp-test.com
//      Port: 21
//      IdleTimeoutMs: 60000
//      ConnectTimeout: 60
//      HeartbeatMs: 0
//      initialStatus: 220
//      initialResponse: 220 FileZilla Server version 0.9.23 beta
//      converting to secure connection...
//      ClientCertDN: C=US, S=Illinois, L=Wheaton, O="Chilkat Software, Inc.", OU=Secure Application Development, CN="Chilkat Software, Inc."
//      SSL Server Certificate not verified.
//      ConnectionInfo:
//        protocol: TLS1
//        cipher: RC4
//        cipherStrength: 128
//        hash: MD5
//        hashStrength: 128
//        keyExchange: RSA
//        keyExchangeStrength: 1024
//      Secure Channel Established.
//      successfully converted to secure connection...
//      Features: 211-Features:
//   MDTM
//   REST STREAM
//   SIZE
//   MLST type*;size*;modify*;
//   MLSD
//   AUTH SSL
//   AUTH TLS
//   UTF8
//   CLNT
//   MFMT
//  211 End
//      Directory listings are utf-8
//      Logging in...
//      Username: test
//      Login successful.
//      Connect successful