Hi, Alex:
On the server, I install most recently released version vsftpd-2.0.5 and add following directives and restart vsftpd: ## openssl for lftp added by glu 30/03/2007 ssl_enable=yes force_local_data_ssl=YES force_local_logins_ssl=YES rsa_cert_file=/usr/share/ssl/certs/blxch2.pem rsa_private_key_file=/usr/share/ssl/certs/blxch2.key allow_anon_ssl=yes ##log_ftp_protocol=yes vsftpd_log_file=/var/log/vsftpd.log ## ftps for lftp added by glu 02/04/2007 connect_from_port_20=YES listen_port=990 ftp_data_port=989 On lftp client, I install most recently released version lftp-3.5.10 and configured with openssl; I also add following directives in the /etc/lftp.conf ## lftp added by glu 29/03/2007 set ftp:ssl-allow on set ssl:verify-certificate off set ftp:ssl-protect-data on set ftp:passive off set ftps:initial-prot "C" With those new installations and configurations, lftp with ftps mode recognizes the directive ftps:initial-prot. However, it always says "SSL_connect: unknown protocol" with every possibility such as "C", "S", "E", "P" or "". [EMAIL PROTECTED]:/root/patches/lftp-3.5.10$lftp ftps://blxch2 lftp blxch2:~> user sctest1 Password: lftp [EMAIL PROTECTED]:~> debug 5 lftp [EMAIL PROTECTED]:~> ls ---- Connecting to blxch2 (142.117.32.223) port 990 **** SSL_connect: unknown protocol ls: Fatal error: SSL_connect: unknown protocol lftp [EMAIL PROTECTED]:~> set -a |grep ftps set ftps:initial-prot "" lftp [EMAIL PROTECTED]:~> set ftps:initial-prot "C" lftp [EMAIL PROTECTED]:~> ls ---- Connecting to blxch2 (142.117.32.223) port 990 **** SSL_connect: unknown protocol ls: Fatal error: SSL_connect: unknown protocol lftp [EMAIL PROTECTED]:~> set ftps:initial-prot "F" F: must be one of: C, S, E, P, or empty. lftp [EMAIL PROTECTED]:~> set ftps:initial-prot "S" lftp [EMAIL PROTECTED]:~> ls ---- Connecting to blxch2 (142.117.32.223) port 990 **** SSL_connect: unknown protocol ls: Fatal error: SSL_connect: unknown protocol lftp [EMAIL PROTECTED]:~> set ftps:initial-prot "E" lftp [EMAIL PROTECTED]:~> ls ---- Connecting to blxch2 (142.117.32.223) port 990 **** SSL_connect: unknown protocol ls: Fatal error: SSL_connect: unknown protocol lftp [EMAIL PROTECTED]:~> set ftps:initial-prot "P" lftp [EMAIL PROTECTED]:~> ls ---- Connecting to blxch2 (142.117.32.223) port 990 **** SSL_connect: unknown protocol ls: Fatal error: SSL_connect: unknown protocol What should I do next, do you have any idea? Thanks in advance! Guanqing -----Original Message----- From: Alexander V. Lukyanov [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2007 12:20 AM To: Lu, Guanqing (J3206) Cc: Doucerain, Jerome (520031); [email protected] Subject: Re: ERROR: Certificate verification: unable to get local issuer certificate On Mon, Apr 02, 2007 at 11:32:47AM -0400, [EMAIL PROTECTED] wrote: > Certificate depth: 0; subject: /C=CA/ST=QUEBEC/L=MONTREAL/O=CONNEXIM/OU=Gestion Serveurs/CN=blxch2.qc.bell.ca; issuer: /C=CA/ST=QUEBEC/L=MONTREAL/O=CONNEXIM/OU=Gestion Serveurs/CN=Certification Authority/[EMAIL PROTECTED] > ERROR: Certificate verification: unable to get local issuer certificate > ls: Erreur fatale: SSL connect: unable to get local issuer certificate > > I put both > > set ssl:verify-certificate no See if there is a more specific setting (like ssl:verify-certificate/blxch2) using: lftp> set -a|grep verify-certificate -- Alexander.
