cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
550 supply message incomplete error (FTPS file upload)
By
Nedim
Published Aug 15 2019 09:01 AM 6,455 Views
Nedim
Microsoft
‎Aug 15 2019 09:01 AM

550 supply message incomplete error (FTPS file upload)

‎Aug 15 2019 09:01 AM

In a case I worked on, FTP file upload was working fine while FTPS was failing with the error message below. It was failing for all IIS servers and all FTP clients.

 

550 supply message incomplete, signature was not verified

 

Sample FTP log:

 

 

 

2019-06-13 20:28:26 134.165.112.56 SERVER\user 134.45.232.24 21 STOR test.txt 550 2148074264 0 05edb0d4-756e-4509-8d5e-4f566cae5bfb /test.txt

 

 

 

 

Root Cause

The sample FTP log above shows 2148074264 as sc-win32-status. This error code maps to SEC_E_INCOMPLETE_MESSAGE which means “The supplied message is incomplete. The signature was not verified”.

 

There is a known issue in Windows Server 2008, 2008 R2, 2012, and 2012 R2 that causes this error while using FTPS because of a bug in TLS communication.

 

Solution

Here is the hot-fix page for this bug. The download link in this page is broken. However, you can try downloading it via this page or this one. Install the hot-fix and restart the server.

 

If you receive “This update is not applicable” error while trying to install the hot-fix:

  • Extract the KB (MSU file) using this command:

 

Expand –F:* <path of downloaded KB>  <Destination folder where you need to extract>

 

  • Run the command below to install the patch:

 

DISM.exe /Online /Add-Package /PackagePath:<path of the extracted file (select.cab file)>

 

 

It didn’t work?

Make sure to apply the correct update for your server’s operating system. If you are still seeing “550 supply message incomplete” error, try the following steps.

 

Connect to FTP server via IP

If you are using a hostname (ftp.domain.com etc.) for FTP connections, perform the following instructions:

  1. In the client machine, open Hosts file (C:\Windows\System32\drivers\etc\hosts)
  2. Enter the line below and save it (Enter IIS server’s IP address instead of 192.168.1.100)
  3. 192.168.1.100 ftp.domain.com
  4. Run ipconfig /flushdns
  5. Try to connect FTP server again. If it works, it means there is a firewall blocking the FTPS port between client and server. If it doesn’t work, continue with the next section.

 

Try using SFTP instead of FTPS

FTPS uses two channels: Command Channel and Data Channel. Some firewalls and routers allow Data Channel communication only after reading the Command Channel data. If they can’t decrypt the Command Channel data when FTPS is used, they may block Data Channel communication.

 

SFTP uses only one channel for both commands and data. Therefore, this issue may not occur if you use SFTP. If it still occurs, continue with next section below.

 

2.png

A screenshot that shows protocols in an FTP client

 

Try disabling TLS 1.2 in IIS server

It is not recommended to disable TLS 1.2 but this test would help you to narrow down the issue. Please do not disable TLS in your production servers.

In order to disable TLS 1.2 for testing purposes:

  1. Go to Registry Editor
  2. Go this path:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client
  3. Add these two D-Words:
    DisabledByDefault =1
    Enabled = 0
  4. Restart the server
0 Likes
Like
Version history
Last update:
‎Jan 08 2020 07:48 AM
Updated by: