FTPS TLS 1.1 and 1.2 support

Got a good idea? Want to share it? Then please take a moment to submit it.
Post Reply
eiji-gravion
Posts: 2
Joined: Sun Feb 10, 2013 9:05 pm

FTPS TLS 1.1 and 1.2 support

Post by eiji-gravion » Sun Feb 10, 2013 9:09 pm

Hello,
Since most of the major SSL/TLS libraries now support TLS 1.1 and 1.2, would you be able to include support for this? It would also be nice to see included support for TLS 1.2 ciphers as well, such as AES-GCM.

Thank you

mb
Posts: 12026
Joined: Thu Oct 11, 2001 1:24 pm
Display name: Mat (SmartFTP)
Contact:

Re: FTPS TLS 1.1 and 1.2 support

Post by mb » Mon Feb 11, 2013 1:27 am

SmartFTP uses schannel. Therefore TLS 1.2 is available starting with Windows 7 / Windows 2008 R2:
http://blogs.msdn.com/b/kaushal/archive ... 18922.aspx
 
This is the log from a connection to ftp.smartftp.com using FTPS:
 
[02:28:07] SmartFTP v4.1.1307.0
[02:28:07] Resolving host name "ftp.smartftp.com"
[02:28:07] Connecting to 75.126.59.170 Port: 21
[02:28:07] Connected to ftp.smartftp.com.
[02:28:08] 220 
[02:28:08] AUTH TLS
[02:28:08] 234 AUTH command ok. Expecting TLS Negotiation.
[02:28:08] TLS 1.2 encrypted session established.
[02:28:08] Key Exchange: 2048 bit RSA
[02:28:08] Session Cipher: 128 bit AES
 
Last edited by mb on Mon Feb 11, 2013 1:29 am, edited 1 time in total.

eiji-gravion
Posts: 2
Joined: Sun Feb 10, 2013 9:05 pm

Re: FTPS TLS 1.1 and 1.2 support

Post by eiji-gravion » Tue Feb 12, 2013 9:07 am

<blockquote class="ipsBlockquote" data-author="mb" data-cid="61502" data-time="1360546069">SmartFTP uses schannel. Therefore TLS 1.2 is available starting with Windows 7 / Windows 2008 R2:
http://blogs.msdn.com/b/kaushal/archive ... 18922.aspx
 
This is the log from a connection to ftp.smartftp.com using FTPS:
 
[02:28:07] SmartFTP v4.1.1307.0
[02:28:07] Resolving host name "ftp.smartftp.com"
[02:28:07] Connecting to 75.126.59.170 Port: 21
[02:28:07] Connected to ftp.smartftp.com.
[02:28:08] 220 
[02:28:08] AUTH TLS
[02:28:08] 234 AUTH command ok. Expecting TLS Negotiation.
[02:28:08] TLS 1.2 encrypted session established.
[02:28:08] Key Exchange: 2048 bit RSA
[02:28:08] Session Cipher: 128 bit AES
 </blockquote>
Shame that schannel seems to require a registry edit on a Win7 setup to get 1.1 and 1.2 enabled. That means virtually no one is going to be using them.

mb
Posts: 12026
Joined: Thu Oct 11, 2001 1:24 pm
Display name: Mat (SmartFTP)
Contact:

Re: FTPS TLS 1.1 and 1.2 support

Post by mb » Fri Nov 29, 2013 4:49 pm

To enable TLS 1.1 and 1.2 on Windows 7:
https://www.smartftp.com/support/kb/ena ... f2679.html
Last edited by mb on Sat Nov 01, 2014 2:08 am, edited 1 time in total.

Post Reply