ColdFusion and FTP over implicit TLS/SSL
ColdFusion and FTP over implicit TLS/SSL
Join the DZone community and get the full member experience.
Join For FreeLearn how error monitoring with Sentry closes the gap between the product team and your customers. With Sentry, you can focus on what you do best: building and scaling software that makes your users’ lives better.
Coldfusion 9 allows you to connect to a secure FTP server (cfftp: Opening and closing secure FTP server connections), however this doesn't seem to work if the FTP server is using FTP over implicit TLS/SSL. To get it working was quite a head-ache and hopefully I can save someone else many hours of swearing!
Firstly if you are getting the error:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Then you may just need to add the certificate to your ColdFusion server. To do this I recommend using CertMan which you can download from http://certman.riaforge.org/.
That didn't work for me I was still getting this error:
An error occurred while establishing an sFTP connection. Verify your connection attributes: username, password, server, fingerprint, port, key, connection, proxyServer, and secure (as applicable). Error: connection is closed by foreign host.
So, then I started looking for Java libraries and found ftp4j which is licenced under the LGPL. Using it in ColdFusion is pretty simple if you use Mark Mandel's excellent JavaLoader.
So, download JavaLoader and extract into your webroot and then download ftp4j and put the ftp4j-1.6.jar in the webroot (if you're using mappings then you can put them anywhere).
Now that's done, here is some sample code to connect and list the directory contents of the FTP Server.
<cfscript>
paths = [];
/*
This points to the jar we want to load.
Could also load a directory of .class files
*/
paths[1] = expandPath("ftp4j-1.6.jar");
//create the loader
loader = createObject("component", "javaloader.JavaLoader").init(paths);
//at this stage we only have access to the class, but we don't have an instance
FTPClient = loader.create("it.sauronsoftware.ftp4j.FTPClient").init();
//FTPClient.setSecurity(FTPClient.SECURITY_FTPES); // enables FTPES
FTPClient.setSecurity(FTPClient.SECURITY_FTPS); // enables FTPS
// if the security is set to SECURITY_FTPS, the default port used by the connect() method changes to 990.
FTPClient.connect("ftps.someserver.com");
FTPClient.login("aliaspooryorik", "HardPasswordToGuess");
FTPClient.upload(CreateObject("java","java.io.File").init(ExpandPath("somefile.xml")));
writeDump(FTPClient.currentDirectory());
FTPClient.disconnect(true);
</cfscript>
What’s the best way to boost the efficiency of your product team and ship with confidence? Check out this ebook to learn how Sentry's real-time error monitoring helps developers stay in their workflow to fix bugs before the user even knows there’s a problem.
Like This Article? Read More From DZone
Published at DZone with permission of John Whish , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
{{ parent.title || parent.header.title}}
{{ parent.tldr }}
{{ parent.linkDescription }}
{{ parent.urlSource.name }}