On Mon, Mar 20, 2017 at 11:49:46PM +0100, Daniel Fazekas wrote: > On Mar 20, 2017, at 14:55, Nathanaël Naeri <nathanael.na...@gmail.com> wrote: > > Is that an issue that this hosting company could do something about? I > > can ask their sysadmins for help. > > It's a common setup mistake to make for server admins that they only add the > server certificate to their configuration. Normally you also need to add one > or more CA intermediate certs so that clients, which only normally carry and > trust a bundle of root certs, could successfully verify the whole chain. > It's generally as simple as concatenating the intermediate cert(s) after your > server certificate, for the server admin. > > This could be the issue causing your problems, and something only they can > fix, short of you manually adding that missing intermediate cert on all your > client systems, working around their mistake.
This seems to be the issue. The certificate chain of the ftp server is not a chain, but rather a single link. It's necessary either change the server's certificate to the full chain to the root CA, or add the "next link" to the local CA storage. -- Alexander. _______________________________________________ lftp mailing list lftp@uniyar.ac.ru http://univ.uniyar.ac.ru/mailman/listinfo/lftp