Verify FTP SSL Server Certificate

This example demonstrates how to verify the FTP server's certificate and authenticity. The intent is to verify the authenticity of the server before passing a login/password to it.

Download Chilkat FTP2 ActiveX

LOCAL loFtp
LOCAL lnSuccess
LOCAL loCert

loFtp = CreateObject('Chilkat.Ftp2')

*  Any string unlocks the component for the 1st 30-days.
lnSuccess = loFtp.UnlockComponent("Anything for 30-day trial")
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loFtp.LastErrorText)
    QUIT
ENDIF

loFtp.Hostname = "ftp.myftpserver.com"
loFtp.Username = "myUsername"
loFtp.Password = "myPassword"

*  Establish an AUTH SSL secure channel after connection
*  on the standard FTP port 21.
loFtp.AuthSsl = 1

*  The Ssl property is for establishing an implicit SSL connection
*  on port 990.  Do not set it.
loFtp.Ssl = 0

*  Indicate that the FTP server must have a verifiable SSL certificate.
*  Do not accept self-signed certs or certificates that are
*  expired, revoked, or cannot be verified to a root authority:
loFtp.RequireSslCertVerify = 1

*  You may also set a requirement.  In this example,
*  the certificate's Common Name (CN) must match the
*  required string exactly:
loFtp.SetSslCertRequirement("subjectcn","Chilkat Software, Inc.")

*  Connect and login to the FTP server.
lnSuccess = loFtp.Connect()
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loFtp.LastErrorText)
    QUIT
ELSE
    *  LastErrorText contains information even when
    *  successful. This allows you to visually verify
    *  that the secure connection actually occurred.
    ? loFtp.LastErrorText
ENDIF

*  After logging on, you may examine the FTP server's cert:

loCert = loFtp.GetSslServerCert()
IF (loCert = NULL ) THEN
    =MESSAGEBOX("No server certificate!")
ELSE
    *  Display the distinguished name of the SSL cert.
    =MESSAGEBOX(loCert.SubjectDN)
ENDIF

=MESSAGEBOX("Secure FTP Channel Established!")

*  Do whatever you're doing to do ...
*  upload files, download files, etc...

loFtp.Disconnect()