Cyberduck Mountain Duck CLI

Opened on Jul 31, 2008 at 6:42:50 PM

Closed on Jan 10, 2009 at 6:39:39 PM

Last modified on Jun 12, 2010 at 12:19:31 AM

#2371 closed defect (fixed)

Fails to verify wildcard certificate

Reported by: anonymous Owned by: dkocher
Priority: high Milestone: 3.1.2
Component: ftp-tls Version: 3.0.3
Severity: major Keywords: ssl tls ftps
Cc: Architecture:
Platform:

Description

When using CyberDuck 3.0.1 against a ftps site, it reports:

Trust for this certificate has not been established, and no user intent is known.

However, when "show certificate" is chosen, it show "This certificate is valid".

The only "odd" thing about my certificate is that it is a wildcard (*) certificate, issued by DigiCert (digicert.com).

Note: Other ftps clients don't "complain" about this certificate

Change History (6)

comment:1 Changed on Jul 31, 2008 at 11:52:28 PM by dkocher

Thanks for your report. Wildcards should not be a problem. I have the following suggestions to anlyze the issue.

  • Check with Keychain Access.app what is is saying about the certificate.
  • Restart Cyberduck. Sometimes a cached result are not properly refetched for trust settings.
  • Let me know the URL you are connecting to so I can see if I get the same results.

comment:2 Changed on Aug 1, 2008 at 8:12:55 AM by watt

Hello,

I have the exact same problem with a wildcard certificate.

The odd thing is that when I look at the certificate, Cyberduck tells me in the text in the upper part of the message window: "The certificate for this server is invalid." In the lower part, there is a green tickmark and it says "This certificate is valid".

The only difference is that it is issued for *.domain.com, and the server is under some.domain.com.

comment:3 Changed on Aug 1, 2008 at 11:19:44 AM by dkocher

  • Summary changed from FTPS (SSL/TLS) fails to authenticate certificate to Fails to verify wildcard certificate

comment:4 Changed on Nov 24, 2008 at 2:40:48 PM by givano@…

  • Version changed from 3.0.1 to 3.0.3

Hello,

experiencing the same problem with our wildcard cert. Using version 3.0.3. Do you already know when it will be fixed? Maybe you have a release candidate so I could test it.

I can send you the link for testing to your email if you like

Thanks, Ivan

comment:5 Changed on Jan 10, 2009 at 6:39:39 PM by dkocher

  • Resolution set to fixed
  • Status changed from new to closed

Fixed in r4459 and r4461.

comment:6 Changed on Jan 12, 2009 at 9:23:43 AM by dkocher

  • Milestone changed from 3.2 to 3.1.2
Note: See TracTickets for help on using tickets.