Hi there,
I have an ftps server on z/OS. The ftps server certificate is signed by
the company's internal CA.
On the client side this is a Fedora 27 system with lftp 4.8.3
First the two case which works fine (and which I understand).
1. I have set
set ftp:ssl-force true
set ftp:ssl_auth tls
No certificate specified, no certificate installed in the Linux
system and I get:
ERROR: Certificate verification: Not trusted (66:7C....
and the connection will be closed.
2. Same as 1. but now I have copied the root certificate of the
company's internal CA into /etc/pki-ca-trust-source/anchor/ directory
and I have run
sudo update-ca-trust
This time the ftp server's certificate can be validated and things are
fine.
Now the case I don't understand:
I have set:
set ftp:ssl-force true
set ftp:ssl_auth tls
set ssl:verify-certificate ZOS_SELF_SIGNED
where ZOS_SELF_SIGNED is just a self signed certificate in PEM
format created on the z/OS system.
Now I get
WARNING: Certificate verification: Not trusted (66:7C....
and I can list files on the remote site and download files from the
remote site.
Question: Why do I get a warning only? I had expected to get an error
here.
--
Thanks,
Manfred
_______________________________________________
lftp mailing list
lftp@uniyar.ac.ru
http://univ.uniyar.ac.ru/mailman/listinfo/lftp
