Tcl
Tcl
Secure FTP with Client Certificate
See more FTP Examples
Chilkat FTP2 provides the ability to use a client certificate with secure FTP (implicit or explicit SSL/TLS). This example demonstrates how to load a certificate from a .pfx and use it as the client-side SSL cert. Note: Client-side certificates are only needed in situations where the server demands one.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
set ftp [new_CkFtp2]
CkFtp2_put_Hostname $ftp "ftp.example.com"
CkFtp2_put_Port $ftp 21
CkFtp2_put_Username $ftp "test"
CkFtp2_put_Password $ftp "test"
# This example will use explict TLS/SSL.
# Establish an explicit secure channel after connection
# on the standard FTP port 21.
CkFtp2_put_AuthTls $ftp 1
# The Ssl property is for establishing an implicit SSL connection
# on port 990. Because this example uses explicit SSL, it
# should remain 0.
CkFtp2_put_Ssl $ftp 0
# Load a certificate from a .pfx
# A PFX may contain several certs, including the certificates
# in a chain of authority.
set certStore [new_CkCertStore]
set password "***"
# Load the certs from a PFX into an in-memory certificate store:
set success [CkCertStore_LoadPfxFile $certStore "chilkat.pfx" $password]
if {$success != 1} then {
puts [CkCertStore_lastErrorText $certStore]
delete_CkFtp2 $ftp
delete_CkCertStore $certStore
exit
}
# Find the desired certificate.
set jsonCN [new_CkJsonObject]
CkJsonObject_UpdateString $jsonCN "CN" "cert common name"
set cert [new_CkCert]
set success [CkCertStore_FindCert $certStore $jsonCN $cert]
if {$success == 0} then {
puts "Certificate not found!"
delete_CkFtp2 $ftp
delete_CkCertStore $certStore
delete_CkJsonObject $jsonCN
delete_CkCert $cert
exit
}
# Use this certificate for our secure (SSL/TLS) connection:
set success [CkFtp2_SetSslClientCert $ftp $cert]
# Connect and login to the FTP server. The connection is
# made secure because of the AuthTls setting.
set success [CkFtp2_Connect $ftp]
if {$success != 1} then {
puts [CkFtp2_lastErrorText $ftp]
delete_CkFtp2 $ftp
delete_CkCertStore $certStore
delete_CkJsonObject $jsonCN
delete_CkCert $cert
exit
} else {
# LastErrorText contains information even when
# successful. This allows you to visually verify
# that the secure connection actually occurred.
puts [CkFtp2_lastErrorText $ftp]
}
puts "Secure FTP Channel Established!"
# Do whatever you're doing to do ...
# upload files, download files, etc...
# .....
# .....
set success [CkFtp2_Disconnect $ftp]
delete_CkFtp2 $ftp
delete_CkCertStore $certStore
delete_CkJsonObject $jsonCN
delete_CkCert $cert