none
FTPS using TLS 1.2 using Microsoft Integration Pack RRS feed

  • Question

  • Hi

    I'm having problems getting Orchestrator to connect to an FTPS server using the IP in orchestrator.  It doesn't matter which activity I try they all fail.  I've followd all the instructions listed in Microsoft document 4051111 - TLS 1.2 Protocol Support Deployment Guide for System Center 2016

    and I can connect to the server with ftps using filezilla.

    Looking at a wireshark trace from both servers it never tries to initiate the TLS connection.  It performs the initial handshake and that's it.  It makes no difference if I specify the certificate or not. 

    The orchestrator error is

    List Folder failure: List Folder failure, Log: Connected to [IPADDRESS]:990 on 31/05/2019 @ 10:26:35


    Exception: FtpServiceException
    Target site: FtpService.ListFolder

    Stack trace:
       at SystemCenter.IntegrationPack.Ftp.Protocol.Core.FtpService.ListFolder(String folderPath, Boolean recursive, Filter[] filters)
       at SystemCenter.IntegrationPack.Ftp.Domain.ListFoldersFilesCommand.Execute(IFtpService ftpService)
       at SystemCenter.IntegrationPack.Ftp.Domain.ExecuteContext.Execute(FtpCommand command)
       at SystemCenter.IntegrationPack.Ftp.Activities.ListFoldersFilesActivity.DoExecute(ExecuteContext context)
       at SystemCenter.IntegrationPack.Ftp.Activities.FtpActivity.Execute(IActivityRequest request, IActivityResponse response)

    In the event log the schannel does also record

    A fatal error occurred while creating a TLS client credential. The internal error state is 10013.  

    Can anyone offer advice please?  I'm wondering if it is the credential path being wrong (The error happens whatever is in there)

    Thanks

    Monday, June 3, 2019 4:05 PM

All replies

  • Hi,

    I remember having issues with this integration pack, so I used to use another third party SFTP integration pack, which is based on PuTTy (originally created by Jon Mattivi).

    Here's another thread with similar symptoms as you:
    FTP Integration Pack - FTPS file upload fails


    You could try the third party SFTP integration pack to see if you can get it working, you can download it from my blog: 
    https://thesystemcenterblog.com/integration-packs
    (
    Integration Pack for SFTP/FTP 1.3).


    Best regards,
    Leon


    Blog: https://thesystemcenterblog.com LinkedIn:

    Monday, June 3, 2019 6:26 PM
  • Hi,

    I would try it with "Run .Net Script" Activity and a PowerShell Script like here: https://gist.github.com/pbrumblay/6551936

    Regards,

    Stefan


    More and news about System Center at stillcool.de and sc-orchestartor.eu .

    Tuesday, June 4, 2019 6:44 AM
    Answerer
  • Hi.

    Thanks for that.  I have looked into third party integration packs unfortunately they all seem to do sftp instead of ftps (I have never understood why they gave them such similar acronyms).  If you know of any that do mention FTPS I would be grateful as I've not been able to find any so far.

    Thanks

    Paul

    Tuesday, June 4, 2019 8:28 AM
  • Hi

    I'm not having much luck with the Powershell scripts either as they all seem to reference a version that doesn't support TLS1.2

    Thanks

    Monday, June 10, 2019 12:37 PM
  • Well after many back and forth between myself and Microsoft I've got the to agree that this is a bug.  A patch for it is expected to be released in March 2020.  To put it briefly.  If you are connecting to an IIS ftp server and both servers are hardened as per Microsoft documents and are using TLS 1.2 then it doesn't initiate the handshake as it should do.
    Monday, November 25, 2019 2:46 PM