I have 2 clients I'm using to fetch files from 2 different Servers using
The command I use is this (IP differs between the servers):
curl -s -S --stderr err_log -k --user U:1 -o pkg.tgz --cert cert.pem --key pkey.pem ftps://10.10.10.10:21/file.tgz
From the 1st server I get the files, but from the 2nd, I always fail with:
curl: (56) OpenSSL SSL_read: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number, errno 0
vsftpd.conf in both servers (and restarted
vsftpd service, just in case) and there are a few differences:
listen_port=21:Working server (WS) has line
listen_port=21where not-working server (NWS) doesn't. I fixed that (removed from WS) and still got it working...
rsa_cert_file:: the file's name is different, but that shouldn't affect anything
ca_certs_file:: the file's name is different also, but that shouldn't affect anything
Also tried playing with
--tlsv1, --sslv2, --sslv3 with no success.
I've seen some posts, but nothing really helpful.
This is the NWS (not-working-server) vsftpd.conf (at least the SSL part):
# SSL configuration ssl_enable=YES allow_anon_ssl=NO force_anon_data_ssl=YES force_anon_logins_ssl=YES force_local_data_ssl=YES force_local_logins_ssl=YES ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO rsa_cert_file=/etc/ssl/private/*** rsa_private_key_file=/etc/ssl/private/*** require_ssl_reuse=NO ssl_ciphers=HIGH require_cert=YES validate_cert=YES ca_certs_file=/etc/ssl/private/*** implicit_ssl=YES pasv_enable=YES pasv_min_port=21000 pasv_max_port=21010 debug_ssl=YES dual_log_enable=YES