You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Kutay C. Zorlu" <ku...@gmail.com> on 2020/02/01 16:16:06 UTC
Dear Sir, I need Help, Emergency, MINA SSL configuration not connect
remote client at server side.
Hi - ALL,
I am student, I have a master thesis project, I Integrated Apache mina to
my Project, Everything works on local good but when i deploy to a server i
have problem.
I already posted my question on Stackoverflow , No body answered.
https://stackoverflow.com/questions/59996597/apache-mina-ftps-on-remote-requets-not-works
Question is that:
________________________________________________________________
For the Apache MINA FTP Server SSL FILTER configuration : I tried
everything and I read more than 50 posts on stackoverflow to find the
error. But still no solution.
Problem Is that, When the SSL Filter Enabled for the Apache MINA FTP, it is
working on server side and at the Server Locally FileZilla Client Can
Access to server over implicitSSL it works without problem.
I allowed the 21 port and passive ports over firewall for all ips.
But when the remote client wants to access to the server, SERVER getting
request but session.write not works then MINA can not switch to USER exec,
SO REMOTE client can not connect FTP server.
But when I disable implicitSSL mode on SERVER side, REMOTE CLIENT can
connect . SO, without SSL, Client Connect Remote SERVER. It is tricky But
WHY, what is the problem.
If the problem is firewall , why the client connects when I disable
implicitSSL.
If the CODE is or configuration is the problem, WHEN I enable implicitSSL
=true, WHY local SERVER filezilla application can connect to server over
implicitSSL.
**
____________________________________________________________
tcp packages with SSL enabled : REMOTE CLIENT Filezilla
02:28:33.253835 IP x2e7200c6.dyn.telefonide.37346 > mx1pload.com.ftp: Flags
[F.], seq 347, ack 325, win 32120, length 0
02:28:33.253835 IP x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp:
Flags [F.], seq 347, ack 325, win 32120, length 0
02:28:33.254596 IP mx1pload.com.ftp > x2e7200c6.dyn.telefonica.de.37346:
Flags [F.], seq 325, ack 348, win 28853, length 0
02:28:33.254614 IP mx1pload.com.ftp > x2e7200c6.dyn.telefonica.de.37346:
Flags [F.], seq 325, ack 348, win 28853, length 0
02:28:33.258439 IP x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp:
Flags [.], ack 326, win 32120, length 0
02:28:33.258439 IP x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp:
Flags [.], ack 326, win 32120, length 0
*TCP Packages : SSL DISABLEDD - just FTP - it works with remote Client *
*02:28:06.660810 IP x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp:
Flags [.], ack 1, win 32120, length 002:28:06.660810 IP
x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp: Flags [.], ack 1, win
32120, length 002:28:06.663467 IP mx1pload.com.ftp >
x2e7200c6.dyn.telefonica.de.37346: Flags [P.], seq 1:34, ack 1, win 29200,
length 33: FTP: 220 Service ready for new user.02:28:06.663476 IP
mx1pload.com.ftp > x2e7200c6.dyn.telefonica.de.37346: Flags [P.], seq 1:34,
ack 1, win 29200, length 33: FTP: 220 Service ready for new
user.02:28:06.667289 IP x2e7200c6.dyn.telefonica.de.37346 >
mx1pload.com.ftp: Flags [.], ack 34, win 32087, length 002:28:06.667289 IP
x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp: Flags [.], ack 34,
win 32087, length 0*
Best Regards
ZORLU Kutay
+49 162 825 33 66
Re: Dear Sir, I need Help, Emergency, MINA SSL configuration not
connect remote client at server side.
Posted by Jonathan Valliere <jo...@emoten.com>.
Open up Wireshark and figure out what is going on.
What is the domain name on your SSL cert? Is it your IP address or is it
localhost?
On Sat, Feb 1, 2020 at 4:10 PM Kutay C. Zorlu <ku...@gmail.com> wrote:
> Hi - ALL,
>
> I am student, I have a master thesis project, I Integrated Apache mina to
> my Project, Everything works on local good but when i deploy to a server i
> have problem.
>
> I already posted my question on Stackoverflow , No body answered.
>
>
> https://stackoverflow.com/questions/59996597/apache-mina-ftps-on-remote-requets-not-works
>
>
> Question is that:
> ________________________________________________________________
>
> For the Apache MINA FTP Server SSL FILTER configuration : I tried
> everything and I read more than 50 posts on stackoverflow to find the
> error. But still no solution.
>
> Problem Is that, When the SSL Filter Enabled for the Apache MINA FTP, it is
> working on server side and at the Server Locally FileZilla Client Can
> Access to server over implicitSSL it works without problem.
>
> I allowed the 21 port and passive ports over firewall for all ips.
>
> But when the remote client wants to access to the server, SERVER getting
> request but session.write not works then MINA can not switch to USER exec,
> SO REMOTE client can not connect FTP server.
>
> But when I disable implicitSSL mode on SERVER side, REMOTE CLIENT can
> connect . SO, without SSL, Client Connect Remote SERVER. It is tricky But
> WHY, what is the problem.
>
> If the problem is firewall , why the client connects when I disable
> implicitSSL.
> If the CODE is or configuration is the problem, WHEN I enable implicitSSL
> =true, WHY local SERVER filezilla application can connect to server over
> implicitSSL.
> **
>
>
> ____________________________________________________________
>
> tcp packages with SSL enabled : REMOTE CLIENT Filezilla
> 02:28:33.253835 IP x2e7200c6.dyn.telefonide.37346 > mx1pload.com.ftp: Flags
> [F.], seq 347, ack 325, win 32120, length 0
> 02:28:33.253835 IP x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp:
> Flags [F.], seq 347, ack 325, win 32120, length 0
> 02:28:33.254596 IP mx1pload.com.ftp > x2e7200c6.dyn.telefonica.de.37346:
> Flags [F.], seq 325, ack 348, win 28853, length 0
> 02:28:33.254614 IP mx1pload.com.ftp > x2e7200c6.dyn.telefonica.de.37346:
> Flags [F.], seq 325, ack 348, win 28853, length 0
> 02:28:33.258439 IP x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp:
> Flags [.], ack 326, win 32120, length 0
> 02:28:33.258439 IP x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp:
> Flags [.], ack 326, win 32120, length 0
>
>
>
>
> *TCP Packages : SSL DISABLEDD - just FTP - it works with remote Client *
>
>
>
>
>
> *02:28:06.660810 IP x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp:
> Flags [.], ack 1, win 32120, length 002:28:06.660810 IP
> x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp: Flags [.], ack 1,
> win
> 32120, length 002:28:06.663467 IP mx1pload.com.ftp >
> x2e7200c6.dyn.telefonica.de.37346: Flags [P.], seq 1:34, ack 1, win 29200,
> length 33: FTP: 220 Service ready for new user.02:28:06.663476 IP
> mx1pload.com.ftp > x2e7200c6.dyn.telefonica.de.37346: Flags [P.], seq
> 1:34,
> ack 1, win 29200, length 33: FTP: 220 Service ready for new
> user.02:28:06.667289 IP x2e7200c6.dyn.telefonica.de.37346 >
> mx1pload.com.ftp: Flags [.], ack 34, win 32087, length 002:28:06.667289 IP
> x2e7200c6.dyn.telefonica.de.37346 > mx1pload.com.ftp: Flags [.], ack 34,
> win 32087, length 0*
>
>
>
>
>
> Best Regards
> ZORLU Kutay
> +49 162 825 33 66
>
--
CONFIDENTIALITY NOTICE: The contents of this email message and any
attachments are intended solely for the addressee(s) and may contain
confidential and/or privileged information and may be legally protected
from disclosure.