Integration error: "The remote certificate is invalid according to the validation procedure." with an FTPS file location Follow

Avatar
Samantha Petro

Symptom

 When setting up a drop file integration with FTPS as the scan folder, the integration cannot start up and yields the error "The remote certificate is invalid according to the validation procedure."

Environment

 BarTender 2016, IIS

Fix/Answer

When setting up the Integration, the builder tries to reach out to the FTPS server to access the location. However, it receives an invalid certificate. This happens when the FTPS server is hosted in IIS and uses a self-signed certificate.

The self-signed certificate is actually missing specific keys that the Integration Builder wants to use in order to create a secure connection. We can actually see the same results if we try to connect to the FTPS site with FileZilla:

ftpcert.png

error -48 tells us the certificate key is incorrect and that the software can't establish a secure connection.

Creating a proper certificate

Open up an elevated power shell (WinKey+X) and type the following while replacing the HOSTNAME and FTPSLOCATION as your own. (note the quotes are required in these two locations)

PS C:\Windows\system32> new-selfsignedcertificate -dnsname "HOSTNAME" -certstorelocation "FTPSLOCATION" -friendlyname "powershellcert" -keydescription "self-signed cert" -keyalgorithm "RSA" -keylength "2048" -keyusage dataencipherment, keyencipherment, digitalsignature

Once you create the certificate, it will appear in your personal certificates on the computer

Adding the certificate to the IIS server

Locate the certificate in your computer's certificate store. You can find this in the Control Panel or search on your start menu:

ftpcert_store.png

When that opens, navigate to Personal > Certificates and locate the one you just created:

ftpcert2.png

Right click on the key, go to All Tasks > Export. Save the key in a location you can find.

In the IIS Manager, locate your Server Certificates and Import the certificate into the list.

ftpcert3.png

Now you should see the certificate listed here. Next on the FTPS site, locate the FTP SSL Settings and select the new certificate from the drop-down menu:

ftpcert4.png

Once you save your settings, the error in the Integration goes away.

More Information (optional)

 This seems to be an error with the IIS Self-signed Certificate process. Other self-signed certificate generators don't seem to have this issue.

Was this article helpful?

0 out of 0 found this helpful

Please sign in to leave a comment.