Java FTPS disabling Certificate Check , FOR FIX FTP SSL certificate expired exception
2 min readMar 26, 2024
1)the encryption of the FTPS server will be either TLS explicit encryption or TLS explicit encryption.Use the constructor arg for FTPS accordingly. like
FTPSClient ftpClient = new FTPSClient(false);2)if your FTPS server security certificate has expired, disable the check from client by
ftpClient.setTrustManager(new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
});3)enable file transfer between server and client using this method
ftpClient.enterLocalPassiveMode();4)use the right port number. Usually for explicit encryption it is 21 and for implicit it is 990
The above four are the common configs required to establish a connection. The end snippet looks something like this
FTPSClient ftpClient = new FTPSClient(false);
ftpClient.setTrustManager(new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
});
ftpClient.connect("ftps.mydomain.com",21);
boolean res = ftpClient.login("username", "password");
if(!res) throw new Exception("unable to connect to ftps");
int reply=ftpClient.getReplyCode();
if(FTPReply.isPositiveCompletion(reply)){
ftpClient.enterLocalPassiveMode();
FTPFile[] ftpFiles = ftpClient.listFiles("/folder/subfolder");
System.out.println("complete "+reply+" "+ftpFiles.length);
for(FTPFile x: ftpFiles){
System.out.println(x.getName());
}
ftpClient.retrieveFile("/folder/subfolder/file.tsv",new FileOutputStream(new File("C:\\Users\\myname\\Desktop\\out.csv")));
}else{
throw new RuntimeException("unable to get valid reply from ftp server. Reply code is "+reply);
}