Over a million developers have joined DZone.

ColdFusion and FTP over implicit TLS/SSL

· Web Dev Zone

Coldfusion 9 allows you to connect to a secure FTP server (cfftp: Opening and closing secure FTP server connections), however this doesn't seem  to work if the FTP server is using FTP over implicit TLS/SSL. To get it working was quite a head-ache and hopefully I can save someone else many hours of swearing!

Firstly if you are getting the error:

sun.security.validator.ValidatorException: 
PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: 
unable to find valid certification path to requested target

Then you may just need to add the certificate to your ColdFusion server. To do this I recommend using CertMan which you can download from http://certman.riaforge.org/.

That didn't work for me I was still getting this error:

An error occurred while establishing an sFTP connection.

Verify your connection attributes: username, password, server, fingerprint, port, key, connection, proxyServer, and secure (as applicable). Error: connection is closed by foreign host.

So, then I started looking for Java libraries and found ftp4j which is licenced under the LGPL. Using it in ColdFusion is pretty simple if you use Mark Mandel's excellent JavaLoader.

So, download JavaLoader and extract into your webroot and then download ftp4j and put the ftp4j-1.6.jar in the webroot (if you're using mappings then you can put them anywhere).

Now that's done, here is some sample code to connect and list the directory contents of the FTP Server.

<cfscript>
paths = [];

/*
This points to the jar we want to load.
Could also load a directory of .class files
*/
paths[1] = expandPath("ftp4j-1.6.jar");

//create the loader
loader = createObject("component", "javaloader.JavaLoader").init(paths);

//at this stage we only have access to the class, but we don't have an instance
FTPClient = loader.create("it.sauronsoftware.ftp4j.FTPClient").init();

//FTPClient.setSecurity(FTPClient.SECURITY_FTPES); // enables FTPES
FTPClient.setSecurity(FTPClient.SECURITY_FTPS); // enables FTPS

// if the security is set to SECURITY_FTPS, the default port used by the connect() method changes to 990.
FTPClient.connect("ftps.someserver.com"); 

FTPClient.login("aliaspooryorik", "HardPasswordToGuess");

FTPClient.upload(CreateObject("java","java.io.File").init(ExpandPath("somefile.xml")));

writeDump(FTPClient.currentDirectory());

FTPClient.disconnect(true);
</cfscript>



Topics:

Published at DZone with permission of John Whish, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}