Verify FTP SSL Server Certificate

This example demonstrates how to verify the FTP server's certificate and authenticity. The intent is to verify the authenticity of the server before passing a login/password to it.

Download Chilkat Python Library

import sys
import chilkat

ftp = chilkat.CkFtp2()

#  Any string unlocks the component for the 1st 30-days.
success = ftp.UnlockComponent("Anything for 30-day trial")
if (success != True):
    print ftp.lastErrorText()
    sys.exit()

ftp.put_Hostname("ftp.myftpserver.com")
ftp.put_Username("myUsername")
ftp.put_Password("myPassword")

#  Establish an AUTH SSL secure channel after connection
#  on the standard FTP port 21.
ftp.put_AuthSsl(True)

#  The Ssl property is for establishing an implicit SSL connection
#  on port 990.  Do not set it.
ftp.put_Ssl(False)

#  Indicate that the FTP server must have a verifiable SSL certificate.
#  Do not accept self-signed certs or certificates that are
#  expired, revoked, or cannot be verified to a root authority:
ftp.put_RequireSslCertVerify(True)

#  You may also set a requirement.  In this example,
#  the certificate's Common Name (CN) must match the
#  required string exactly:
ftp.SetSslCertRequirement("subjectcn","Chilkat Software, Inc.")

#  Connect and login to the FTP server.
success = ftp.Connect()
if (success != True):
    print ftp.lastErrorText()
    sys.exit()
else:
    #  LastErrorText contains information even when
    #  successful. This allows you to visually verify
    #  that the secure connection actually occurred.
    print ftp.lastErrorText()

#  After logging on, you may examine the FTP server's cert:

cert = ftp.GetSslServerCert()
if (cert == None ):
    print "No server certificate!"
else:
    #  Display the distinguished name of the SSL cert.
    print cert.subjectDN()

print "Secure FTP Channel Established!"

#  Do whatever you're doing to do ...
#  upload files, download files, etc...

ftp.Disconnect()